‘Twas the night before
Recently, the United States Cyber Command (USCYBERCOM Malware Alert @CNMF_VirusAlert) highlighted several VirusTotal uploads of theirs – and the executable objects relating to 2016...
What is New with Ansible 2.8?
Read more
Sodin ransomware exploits Windows vulnerability and processor architecture
When Sodin (also known as Sodinokibi and REvil) appeared in the first half of 2019, it immediately caught our attention for distributing itself through...
How we hacked our colleague’s smart home
In this article, we publish the results of our study of the Fibaro Home Center smart home. We identified vulnerabilities in Fibaro Home Center...
Criminals, ATMs and a cup of coffee
In spring 2019, we discovered a new ATM malware sample written in Java that was uploaded to a multiscanner service from Mexico and later...
ViceLeaker Operation: mobile espionage targeting Middle East
In May 2018, we discovered a campaign targeting dozens of mobile Android devices belonging to Israeli citizens. Kaspersky spyware sensors caught the signal of...
Latest article
CVE-2026-41940: cPanel & WHM Authentication Bypass
OverviewOn April 28, 2026, cPanel issued a security update to fix a critical vulnerability affecting the cPanel & WHM and WP Squared products. In...
Cursor Extension Flaw Exposes Developer API Keys
Cursor flaw lets extensions steal API keys and session tokens without user interaction, according to researchers at LayerX - Read more
CVE-2026-21246 Windows Graphics Component Elevation of Privilege Vulnerability
Acknowledgement added. This is an informational change only. - Read more
ClickUp Data Leak Exposes Enterprise Emails for Over a Year
A hardcoded ClickUp API key exposed hundreds of corporate and government emails for over a year, raising new SaaS security concerns.
The post ClickUp Data...
