Skip to main content

Tag: kaspersky

57 articles

Formal office setting with laptop, papers, and pen on a desk near a window overlooking a cityscape.

GoSerpent Malware Targets Southeast Asian Governments for Espionage

A stealthy cyber threat, known as GoSerpent, has been secretly targeting Southeast Asian governments and diplomats since late 2025, with the goal of gathering sensitive intelligence. This sophisticated malware has been evolving, with a new set of malicious tools deployed as recently as May 2026.

Analyst 207
Empty corporate IT room with server racks and workstations, one out-of-focus laptop screen visible.

Kaspersky Compromise Assessments Reveal Persistent Detection Gaps

Kaspersky's 2025 Compromise Assessment analysis reveals a shocking truth: 60% of incidents go undetected due to a lack of reliable alerts from existing tools, while manual detection accounts for only 20% of discovered threats. This blind spot allows threats to hide for alarmingly long periods, with 30.8% of incidents having a dwell time of over three months.

Analyst 207
Mexico's Public Wi-Fi Exposes Security Risks Ahead of 2026 World Cup

Mexico's Public Wi-Fi Exposes Security Risks Ahead of 2026 World Cup

Mexico's public Wi-Fi networks are leaving users vulnerable to security threats, with a staggering 84,588 signals and 69,473 unique network identifiers detected in high-traffic areas across the country. This alarming discovery comes as Mexico prepares to host the 2026 World Cup, highlighting the urgent need for improved cybersecurity measures.

Analyst 207
Software development workstation with Docker interface on laptop and monitor, surrounded by tools and notes.

Docker Images Expose Hidden Vulnerabilities

Docker containers are a top target for attackers, with a recent analysis of 100 popular Docker Hub images revealing that 64 contained critical flaws due to outdated software versions. Only one in ten images was fully up to date, leaving a vast majority vulnerable to predictable and dangerous exposures.

Analyst 207
Cluttered home office desk with a Mac computer, papers, notebook, and pen.

ExifTool Flaw Exposes Macs to Arbitrary Command Execution

A newly discovered vulnerability in ExifTool, known as CVE-2026-3102, left Macs open to hackers who could exploit it to run malicious commands by hiding them in image metadata. This flaw allowed attackers to take control by slipping instructions into seemingly harmless image files.

Analyst 207
Industrial machines and workstations in a manufacturing facility with a partially open shipping container in the foreground.

Ransomware Evolves With Post-Quantum Encryption, New Extortion Tactics

Ransomware attacks may be on the decline, but don't let your guard down - attackers are getting smarter, ditching encryption, and selling stolen data, with the manufacturing sector alone losing a whopping $18 billion in just three quarters. The threat may have evolved, but the damage and risk remain very real.

Analyst 207
Laptop on a beige desk in a neutral office setting with soft daylight.

xrdp Vulnerability Exposes Remote Code Execution Risk

A critical vulnerability, CVE-2025-68670, was discovered in the xrdp remote desktop server, allowing for remote code execution - a flaw that was thankfully patched in January 2026. This security risk was found during a routine audit, highlighting the importance of regular security checks to protect against potential threats.

Analyst 207
High-end graphics card sits on a clean, neutral-colored surface in a brightly-lit setting.

MD5 Password Hashes Cracked in Under an Hour

In a shocking test, Kaspersky researchers cracked 60% of 231 million MD5 password hashes in under an hour using just one high-powered graphics card, revealing the alarming vulnerability of even the most seemingly secure passwords. This unsettling experiment highlights the urgent need for stronger password protection.

Analyst 207
Person working on laptop with blurred webpage on screen in a home office setting.

Kaspersky Exposes Web Filtering Category for Sites with Undefined Trust Levels

Kaspersky has introduced a new web-filtering category for sites that just don't feel right - they're not quite phishing sites, but you still shouldn't trust them. The new "Sites with an undefined trust level" category helps keep you safe from manipulative or shady online resources.

Analyst 207
Cluttered office desk with laptop and papers, surrounded by software boxes and manuals.

Kaspersky Uncovers Trojanized DAEMON Tools in Targeted Supply-Chain Attack

If you installed DAEMON Tools between April 8 and now, your system may be compromised - Kaspersky researchers warn that a highly sophisticated supply-chain attack has been delivering a backdoor to thousands of systems via trojanized installers. Check your machines for unusual activity and take action ASAP to protect your organization.

Analyst 207
Software installation on a laptop in an office setting with a hint of logistics background.

Kaspersky Uncovers DAEMON Tools Supply Chain Attack

Kaspersky researchers have uncovered a sneaky supply chain attack that used compromised DAEMON Tools installers, downloaded directly from the official website, to deliver a malicious payload - and what's even scarier is that these installers were digitally signed by the very developers of DAEMON Tools themselves.

Analyst 207
Damaged computer equipment and cables in a dimly lit server room.

Lotus Wiper Malware Disrupts Venezuelan Energy Sector

Cybersecurity researchers uncovered a highly destructive malware, known as Lotus Wiper, that was used to disrupt Venezuela's energy sector in a targeted attack. This powerful data wiper was deployed in a series of devastating attacks at the end of 2025 and beginning of 2026.

Analyst 207
Destroyed electrical substation at dusk with rubble, shattered phone, and scattered papers amidst ominous cityscape.

Lotus Malware Targets Venezuelan Energy Firms with Data-Wiping Attacks

A new, highly destructive malware called Lotus has been targeting Venezuela's energy sector, leaving systems completely unrecoverable after wiping data and disabling recovery mechanisms. This devastating attack systematically deletes files and overwrites physical drives, causing irreversible damage.

Analyst 207
Cracked smartphone screen with eerie glow, amidst tangled wires and broken keyboard key, set against a blurred Latin…

Kaspersky Uncovers JanelaRAT Malware Targeting Latin American Users

Kaspersky's Global Research and Analysis Team has uncovered a sophisticated malware campaign, dubbed JanelaRAT, that's specifically targeting users in Latin America with financial threats. This evolved malware has been detailed in a recent report, revealing its updated functionality and infection chain.

Analyst 207
Dark cityscape with a lone figure amidst shattered laptop screen, coins, and swirling binary code, evoking financial chaos.

Kaspersky Report Warns of Evolving Financial Cyberthreats

Stay ahead of financial cyber threats with Kaspersky's expert report, which reveals the latest trends and patterns from 2025 and offers a crucial outlook for 2026. Discover how phishing, PC malware, and infostealers are shaping the threat landscape and what it means for your financial security.

Analyst 207
Person intensely focused in dimly lit room surrounded by screens displaying code and Mexico maps.

Kaspersky Uncovers Horabot Campaign Targeting Mexico

Kaspersky's Security Operations Center has uncovered a complex Horabot campaign targeting Mexico, and is now sharing crucial insights on how it works and how to detect it. This critical threat intelligence will help defenders in Mexico and beyond prioritize their resources and stay one step ahead of the threat.

Analyst 207
Cityscape at dusk with cracked glass window reflecting distorted computer screens and code, symbolizing cyber threats.

Kaspersky Report Exposes Shifting Cyberattack Landscape

Get ready to face the future of cyber threats! The Kaspersky Security Services report delivers eye-opening insights into the evolving cyberattack landscape, combining real-world incident response findings with hard data from its Managed Detection and Response service.

Analyst 207
Person in shadows holds smartphone and laptop, surrounded by ghostly triangles and geometric shapes, evoking cyber threat…

Kaspersky Uncovers Coruna Exploit Kit Linked to Operation Triangulation

Kaspersky's researchers have made a significant discovery: the Coruna exploit kit, now targeting iPhones, uses an updated kernel exploit linked to the notorious Operation Triangulation. This finding highlights the evolving threat landscape, where offensive code is repurposed to target new devices.

Analyst 207
Person in shadows intently watches cityscape on laptop screen, symbolizing surveillance and control.

Kaspersky Uncovers CrystalX RAT with Extensive Spyware and Stealer Capabilities

Meet CrystalX, a sinister new remote-access tool that's being sold as a ready-made menace, packing an alarming combination of spyware, stealer, and prankware capabilities that put your digital security at risk. This malicious toolkit is the latest threat to watch out for, and Kaspersky researchers are sounding the alarm.

Analyst 207
Mustang Panda Exclusive: Signed Rootkit Threatens Systems

Mustang Panda Exclusive: Signed Rootkit Threatens Systems

Think a signed driver means its safe? Kaspersky uncovered Mustang Panda using a legitimately signed rootkit to load the TONESHELL backdoor and bypass defenses—proof that a signed rootkit can be weaponized to gain kernel‑level control.

Analyst 207
RevengeHotels malware: Stunning, Dangerous AI Comeback

RevengeHotels malware: Stunning, Dangerous AI Comeback

Kaspersky warns that RevengeHotels has resurfaced, now using AI to churn out highly convincing fake booking pages and tailored phishing messages that quietly steal card details. Travelers and hotels should double-check booking links, vet payment workflows, and monitor transactions closely to avoid getting burned.

Analyst 207
China Cyber Espionage Africa: Stunning Critical Risk

China Cyber Espionage Africa: Stunning Critical Risk

As Africa’s digital services boom, a China-linked group tied to APT41 has been quietly targeting government networks and critical infrastructure—stealing data and eroding public trust. Strengthening cybersecurity, building local talent, and boosting regional cooperation are urgent steps to protect citizens and preserve digital sovereignty.

Analyst 207
China cyber espionage: Stunning Threat to Africa

China cyber espionage: Stunning Threat to Africa

As African governments rapidly digitize, startling new research linking APT41—widely tied to China—to precise, long-running intrusions shows our digital services and citizens’ data are suddenly on the frontline of global espionage. It’s a wake-up call: without stronger defenses, collaboration, and local expertise, nations risk costly breaches that undermine security, economies, and public trust.

Analyst 207
AsyncRAT Code Release Drives Global Rise in Malware Threats

AsyncRAT Code Release Drives Global Rise in Malware Threats

When a powerful open-source tool like AsyncRAT falls into the wrong hands, it can quickly transform from a helpful remote admin app into a global malware menace—fueling a surge of cyberattacks that threaten industries worldwide.

Analyst 207