We dissect a recent incident where npm packages with millions of downloads were infected by the Shai-Hulud worm. Kaspersky experts describe the starting point for the source of the infection.| Securelist
Kaspersky GReAT expert takes a closer look at the RevengeHotels threat actor's new campaign, including AI-generated scripts, targeted phishing, and VenomRAT.| Securelist
Kaspersky experts discuss the Model Context Protocol used for AI integration. We describe the MCP's architecture, attack vectors and follow a proof of concept to see how it can be abused.| Securelist
In an incident response case, Kaspersky experts discovered new malware that terminates AV processes by abusing the legitimate ThrottleStop driver. Kaspersky solutions successfully counter and detect this threat.| securelist.com
Kaspersky experts have discovered a new spyware called Batavia, which steals data from corporate devices.| securelist.com
Kaspersky analysis of the backdoor recently found in XZ, which is used in many popular Linux distributions and in OpenSSH server process.| securelist.com
In this article, we share our analysis of a recent version of the DinodasRAT implant for Linux, which may have been active since 2022.| securelist.com
We review a new macOS backdoor that piggybacks on cracked software to replace Bitcoin and Exodus wallets with malware.| securelist.com
This is the third part of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year.| securelist.com
This is the second part of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year.| securelist.com
This is part six of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year.| securelist.com
Spyware Telegram mod in Uighur and Chinese spreads through Google Play stealing messages and other user data.| securelist.com
