- Massive npm infection: the Shai-Hulud worm and patient zero
by Vladimir Gursky, Dmitry Vinogradov on September 25, 2025 at 10:00 amWe dissect a recent incident where npm packages with millions of downloads were infected by the Shai-Hulud worm. Kaspersky experts describe the starting point for the source of the infection.
- Shiny tools, shallow checks: how the AI hype opens the door to malicious MCP servers
by Mohamed Ghobashy on September 15, 2025 at 10:00 amKaspersky experts discuss the Model Context Protocol used for AI integration. We describe the MCP’s architecture, attack vectors and follow a proof of concept to see how it can be abused.
- Cookies and how to bake them: what they are for, associated risks, and what session hijacking has to do with it
by Anna Larkina, Natalya Zakuskina on September 2, 2025 at 10:00 amKaspersky experts explain the different types of cookies, how to configure them correctly, and how to protect yourself from session hijacking attacks.
- Toxic trend: Another malware threat targets DeepSeek
by Lisandro Ubiedo on June 11, 2025 at 10:00 amKaspersky GReAT experts discovered a new malicious implant: BrowserVenom. It enables a proxy in browsers like Chrome and Mozilla and spreads through a DeepSeek-mimicking phishing website.
- Arcane stealer: We want all your data
by AMR on March 19, 2025 at 10:00 amThe new Arcane stealer spreads via YouTube and Discord, collecting data from many applications, including VPN and gaming clients, network utilities, messaging apps, and browsers.
- Trojans disguised as AI: Cybercriminals exploit DeepSeek’s popularity
by Vladislav Tushkanov, Vasily Kolesnikov, Oleg Kupreev, Denis Sitchikhin, Alexander Kryazhev on March 6, 2025 at 10:00 amKaspersky experts have discovered campaigns distributing stealers, malicious PowerShell scripts, and backdoors through web pages mimicking the DeepSeek and Grok websites.
- The GitVenom campaign: cryptocurrency theft using GitHub
by Georgy Kucherin, Joao Godinho on February 24, 2025 at 9:26 amKaspersky researchers discovered GitVenom campaign distributing stealers and open-source backdoors via fake GitHub projects.
- Web tracking report: who monitored users’ online activities in 2023–2024 the most
by Anna Larkina, Flavio Negrini on September 24, 2024 at 10:00 amKaspersky experts review Do Not Track (DNT) statistics for the most widely used web tracking services in 2023 and 2024 operated by companies like Google, Microsoft, etc.
- Tropic Trooper spies on government entities in the Middle East
by Sherif Magdy on September 5, 2024 at 8:00 amKaspersky experts found a new variant of the China Chopper web shell from the Tropic Trooper group that imitates an Umbraco CMS module and targets a government entity in the Middle East.
- Privacy predictions for 2024
by Anna Larkina, Vladislav Tushkanov, Dmitry Momotov on January 25, 2024 at 10:00 amKaspersky experts review their privacy predictions for 2023 and last year’s trends, and try to predict what privacy concerns and solutions are to come in 2024.
Web Threats
We are an ethical website cyber security team and we perform security assessments to protect our clients.