Web Threats

Kaspersky researchers uncover a new version of the Shai Hulud npm worm, which is attacking targets in Russia, India, Brazil, China, and other countries, and has wiper features.

Kaspersky Security Bulletin contains statistics on various cyberthreats for the period from November 2024 to October 2025, which are based on anonymized data voluntarily provided by Kaspersky users via Kaspersky Security Network (KSN).

How cybercriminals prepare for Black Friday: phishing, scams and malware targeting online shoppers and gamers, fake sales in spam and real sales on the dark web.

The report presents key trends and statistics on malware that targets personal computers running Windows and macOS, as well as Internet of Things (IoT) devices, during the third quarter of 2025.

The npm registry contains a malicious package that downloads the AdaptixC2 agent onto victims’ devices, Kaspersky experts have found. The threat targets Windows, Linux, and macOS.

Are you seeing your website traffic drop, and security systems blocking it for pornographic content that is not there? Hidden links, a type of SEO spam, could be the cause.

We dissect a recent incident where npm packages with millions of downloads were infected by the Shai-Hulud worm. Kaspersky experts describe the starting point for the source of the infection.

Kaspersky experts discuss the Model Context Protocol used for AI integration. We describe the MCP’s architecture, attack vectors and follow a proof of concept to see how it can be abused.

Kaspersky experts explain the different types of cookies, how to configure them correctly, and how to protect yourself from session hijacking attacks.

Kaspersky GReAT experts discovered a new malicious implant: BrowserVenom. It enables a proxy in browsers like Chrome and Mozilla and spreads through a DeepSeek-mimicking phishing website.