All Malware Data Breach Privacy APT Vulnerability General
The Hacker News Vulnerability

Microsoft Patches Record 622 Flaws, Including Two Zero-Days Under Active Attack

Microsoft shipped its largest Patch Tuesday on record today, and two of the fixes close holes that attackers are already exploiting. The release covers 622 of Microsoft's own CVEs by its Security Update Guide count, more than triple June's previous high of around 200. Those two

The Hacker News Vulnerability

Two SonicWall SMA 1000 Zero-Days Exploited, One Could Enable Admin Commands

SonicWall has warned of active exploitation of two zero-day vulnerabilities impacting Secure Mobile Access (SMA) 1000 series appliances, one of which could be exploited to achieve arbitrary command execution. The vulnerabilities are listed below - CVE-2026-15409 (CVSS score:

Kaspersky General

Inside the 2026 SMB threat landscape: From phishing and scams to fake AI tools

Kaspersky researchers analyze the threat landscape for SMBs in 2026: the rise of attacks involving fake AI tools, phishing schemes, and data sold on the dark web.

Kaspersky Vulnerability

Beware of the license manager: how a Schneider Electric software vulnerability puts industrial facilities at risk

Analysis of CVE-2024-2658 as found in Schneider Electric's Floating License Manager. Discover how this FlexNet Publisher vulnerability potentially allows attackers to escalate to NT AUTHORITY\SYSTEM privileges and expand their foothold; learn how to mitigate the risk.

Kaspersky Malware

The Gentlemen are knocking: сustom backdoors and evolving tactics

Kaspersky researchers analyze incidents related to The Gentlemen RaaS group, disclose their tools and TTPs, and find a new ransomware variant.

Kaspersky APT

ToddyCat: your hidden email assistant. Part 2

An in-depth analysis of Umbrij, a new tool used by the ToddyCat APT group to compromise corporate email communications in Gmail. The attack targeted OAuth authorization tokens, allowing threat actors to gain access to Google services.

Kaspersky General

OpenClaw: risks for the users and how to mitigate them

Researching OpenClaw vulnerabilities, malicious skills, and other security issues with the popular agent, and providing tips on how to mitigate them.

Kaspersky Malware

The SOC Files: ScreenConnect masked as freeware. An inside look at a large-scale campaign

Kaspersky experts have uncovered a malicious network infrastructure for delivering AsyncRAT. The Trojan is dropped via compromised ScreenConnect software. In this post, we break down the infection chain and analyze the C2 infrastructure.

Kaspersky General

Missed incidents, persistent threats, and response gaps: Insights from compromise assessment projects

Kaspersky Compromise Assessment specialists analyze trends from the service's 2025 projects and provide tips on how to enhance your organization's security.

Kaspersky Malware

Armored Likho digging a snake pit: inside the covert BusySnake Stealer campaign

An inside look at the active Armored Likho APT campaign. The attackers are using spear-phishing, AI-generated loaders, and a new Python-based tool, BusySnake Stealer, to target organizations in Russia, Kazakhstan, and Brazil.

Kaspersky APT

When checking the URL isn’t enough: a Device Code Phishing attack via a Microsoft website

The OAuth 2.0 Device Authorization Grant specification was designed to streamline authentication for Smart TVs, IoT devices, and printers. Today, threat actors are weaponizing it.

Kaspersky Vulnerability

Threat landscape for industrial automation systems. Q1 2026

This report contains industrial threat statistics for Q1 2026, including industrial threat distribution by type, source, region and industry.

Prev 1 ... 8 9 10 11 12 ... 86 Next