Business – Kaspersky Official Blog

A look at the most significant supply-chain attacks of 2025, and their impact on target organizations.

How Trivy and CheckMarx open-source solutions became the starting point for a massive TeamPCP attack on other applications, and what organizations using them should do.

The Tycoon phishing kit has introduced new functionality to create redirect web apps with the help of Bubble.

The IndonesianFoods campaign saw attackers flood the npm registry with junk packages. We explore how it works, and how to safeguard enterprise development.

Threat actors are advertising pages featuring malicious instructions for installing AI agents like Claude Code, Doubao, and OpenClaw.

Why educational institutions are increasingly falling victim to ransomware, the risks phishing and USB drives pose, and how to secure the digital infrastructure of schools and universities.

The Kaspersky Container Security solution (part of the Kaspersky Cloud Workload Security offering) now has an OpenAI API interface for an LLM.

A comprehensive guide to mitigating the dangerous ExifTool vulnerability affecting image metadata processing on macOS.

Why use the on-prem version of the Kaspersky Threat Attribution Engine (KTAE), and how to connect it to IDA Pro using a free plugin?

Finger, DNS-lookup, captcha, and other ways ClickFix techniques is being used in real world attacks.