- To buy or not to buy: How cybercriminals capitalize on Black Friday
by Kaspersky on November 24, 2025 at 12:30 pmHow cybercriminals prepare for Black Friday: phishing, scams and malware targeting online shoppers and gamers, fake sales in spam and real sales on the dark web.
- IT threat evolution in Q3 2025. Non-mobile statistics
by AMR on November 19, 2025 at 10:00 amThe report presents key trends and statistics on malware that targets personal computers running Windows and macOS, as well as Internet of Things (IoT) devices, during the third quarter of 2025.
- Post-exploitation framework now also delivered via npm
by Vladimir Gursky, Artem Ushkov on October 17, 2025 at 10:00 amThe npm registry contains a malicious package that downloads the AdaptixC2 agent onto victims’ devices, Kaspersky experts have found. The threat targets Windows, Linux, and macOS.
- SEO spam and hidden links: how to protect your website and your reputation
by Anna Larkina on October 17, 2025 at 7:00 amAre you seeing your website traffic drop, and security systems blocking it for pornographic content that is not there? Hidden links, a type of SEO spam, could be the cause.
- Massive npm infection: the Shai-Hulud worm and patient zero
by Vladimir Gursky, Dmitry Vinogradov on September 25, 2025 at 10:00 amWe dissect a recent incident where npm packages with millions of downloads were infected by the Shai-Hulud worm. Kaspersky experts describe the starting point for the source of the infection.
- Shiny tools, shallow checks: how the AI hype opens the door to malicious MCP servers
by Mohamed Ghobashy on September 15, 2025 at 10:00 amKaspersky experts discuss the Model Context Protocol used for AI integration. We describe the MCP’s architecture, attack vectors and follow a proof of concept to see how it can be abused.
- Cookies and how to bake them: what they are for, associated risks, and what session hijacking has to do with it
by Anna Larkina, Natalya Zakuskina on September 2, 2025 at 10:00 amKaspersky experts explain the different types of cookies, how to configure them correctly, and how to protect yourself from session hijacking attacks.
- Toxic trend: Another malware threat targets DeepSeek
by Lisandro Ubiedo on June 11, 2025 at 10:00 amKaspersky GReAT experts discovered a new malicious implant: BrowserVenom. It enables a proxy in browsers like Chrome and Mozilla and spreads through a DeepSeek-mimicking phishing website.
- Arcane stealer: We want all your data
by AMR on March 19, 2025 at 10:00 amThe new Arcane stealer spreads via YouTube and Discord, collecting data from many applications, including VPN and gaming clients, network utilities, messaging apps, and browsers.
- Trojans disguised as AI: Cybercriminals exploit DeepSeek’s popularity
by Vladislav Tushkanov, Vasily Kolesnikov, Oleg Kupreev, Denis Sitchikhin, Alexander Kryazhev on March 6, 2025 at 10:00 amKaspersky experts have discovered campaigns distributing stealers, malicious PowerShell scripts, and backdoors through web pages mimicking the DeepSeek and Grok websites.
Web Threats
We are an ethical website cyber security team and we perform security assessments to protect our clients.