- What’s in the container? Analyzing vulnerabilities, risks and protection with Kaspersky Container Security and the KIRA AI assistant
by Yaroslav Shmelev, Anton Kivva, Denis Parinov, Vladimir Kuskov, Yanina Balandyuk-Opalinskaya on May 29, 2026 at 7:00 amWhat are the main risks for container environments: vulnerabilities, supply chain attacks, configuration errors; how to improve container security and how Kaspersky Container Security with the KIRA AI assistant can help.
- How an image could compromise your Mac: understanding an ExifTool vulnerability (CVE-2026-3102)
by Lucas Tay on May 20, 2026 at 9:02 amWe explain how a flaw in ExifTool allows attackers to compromise macOS systems via a malicious image (CVE-2026-3102).
- CVE-2025-68670: discovering an RCE vulnerability in xrdp
by Denis Skvortsov, Dmitry Shmoylov on May 8, 2026 at 8:00 amDuring a security assessment of Kaspersky USB Redirector, we discovered CVE-2025-68670: a pre-auth RCE in the xrdp server component. Project maintainers promptly patched the vulnerability.
- Exploits and vulnerabilities in Q1 2026
by Alexander Kolesnikov on May 7, 2026 at 10:00 amThis report provides statistical data on published vulnerabilities and exploits we researched during Q1 2026. It also includes summary data on the use of C2 frameworks in APT attacks.
- PhantomRPC: A new privilege escalation technique in Windows RPC
by Haidar Kabibo on April 24, 2026 at 8:00 amKaspersky researcher discovered a vulnerability in RPC architecture that enables an attacker to create a fake RPC server and escalate their privileges.
- Coruna: the framework used in Operation Triangulation
by Boris Larin on March 26, 2026 at 8:00 amKaspersky GReAT experts look into the Coruna exploit kit targeting iPhones. We discovered that the kernel exploit for CVE-2023-32434 and CVE-2023-38606 is an updated version of the Operation Triangulation exploit.
- Exploits and vulnerabilities in Q4 2025
by Alexander Kolesnikov on March 6, 2026 at 10:00 amThis report provides statistical data on published vulnerabilities and exploits we researched during Q4 2025. It also includes summary data on the use of C2 frameworks in APT attacks.
- God Mode On: how we attacked a vehicle’s head unit modem
by Alexander Kozlov, Sergey Anufrienko, Kaspersky ICS CERT on December 16, 2025 at 10:00 amKaspersky researchers describe how they gained access to a vehicle’s head unit by exploiting a single vulnerability in its modem.
- It didn’t take long: CVE-2025-55182 is now under active exploitation
by Kaspersky, Yaroslav Shmelev on December 11, 2025 at 7:30 amThreat actors are now exploiting CVE-2025-55182, and attacks are poised to grow. Here’s what you need to know about the vulnerability, how our honeypots are being targeted, what malware is being deployed, and how to protect your systems.
- Exploits and vulnerabilities in Q3 2025
by Alexander Kolesnikov on December 3, 2025 at 10:00 amThis report provides statistical data on vulnerabilities published and exploits we researched during the third quarter of 2025. It also includes summary data on the use of C2 frameworks.
Vulnerabilities and Exploits
We are an ethical website cyber security team and we perform security assessments to protect our clients.