kaspersky Archives • Page 2 of 3 • Daily CyberSecurity

Russian Tomiris APT Adopts “Polyglot” Strategy, Hijacking Telegram/Discord as Covert C2 for Diplomatic Spies Tomiris APT, Polyglot C2

Russian Tomiris APT Adopts “Polyglot” Strategy, Hijacking Telegram/Discord as Covert C2 for Diplomatic Spies

Do Son December 1, 2025

A notorious threat actor known as “Tomiris” has returned with a revamped arsenal, launching a focused campaign...

Zombie Protocol: How NTLM Flaws Like CVE-2024-43451 Are Haunting 2025 NTLM Vulnerabilities, CVE-2024-43451 CVE-2024-37361 - RESURGE Malware

Zombie Protocol: How NTLM Flaws Like CVE-2024-43451 Are Haunting 2025

Do Son November 28, 2025

A new report from Kaspersky Labs reveals that despite being over two decades old, the NTLM authentication...

Tsundere Botnet Uncovered: Node.js Malware Uses Ethereum Smart Contract for Unkillable C2 and Runs Cybercrime Marketplace Tsundere Blockchain C2, Node.js Botnet

Tsundere Botnet Uncovered: Node.js Malware Uses Ethereum Smart Contract for Unkillable C2 and Runs Cybercrime Marketplace

Do Son November 24, 2025

Kaspersky’s Global Research & Analysis Team (GReAT) has identified a fast-growing new botnet—dubbed Tsundere—that blends Node.js implants,...

Beyond Defense: New Report Exposes How Russian Cyber Firms Aid the Kremlin’s War Sandworm Tactical Pivot, Edge Device Misconfiguration Russian cyber firms, Kremlin ties Sandworm MAX messenger

Sandworm Tactical Pivot, Edge Device Misconfiguration Russian cyber firms, Kremlin ties Sandworm MAX messenger

Beyond Defense: New Report Exposes How Russian Cyber Firms Aid the Kremlin’s War

Do Son September 1, 2025

The war in Ukraine has reshaped not only geopolitics but also the digital battlefield. A new report...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

Kaspersky Report: Vulnerabilities Are Exploding, and Attackers Are Adapting

Do Son August 29, 2025

Kaspersky Labs has published its Q2 2025 vulnerability analysis, revealing an alarming rise in both the number...

Spies in Your Skype: GodRAT Malware Uses Steganography to Target Financial Firms Cyber-espionage, GodRAT

Spies in Your Skype: GodRAT Malware Uses Steganography to Target Financial Firms

Do Son August 20, 2025

Kaspersky Labs has identified a sophisticated cyber-espionage campaign targeting financial institutions, particularly trading and brokerage firms, through...

PipeMagic Returns: Kaspersky Uncovers Evolving Backdoor Linked to CVE-2025-29824 Exploits Backdoor, PipeMagic CVE-2025-29824

PipeMagic Returns: Kaspersky Uncovers Evolving Backdoor Linked to CVE-2025-29824 Exploits

Do Son August 19, 2025

Kaspersky Labs has released a new report shedding light on the persistent threat posed by PipeMagic, a...

Beyond Phishing: How AI and Deepfakes Are Powering a New Generation of Scams

Do Son August 18, 2025

Phishing and online scams are no longer confined to poorly written emails and obvious fake websites. A...

Kaspersky Uncovers Stealthy Cyberespionage: Russia & Asia Targeted by DLL Hijacking & Social Media C2 Cyberespionage, DLL Hijacking

Kaspersky Uncovers Stealthy Cyberespionage: Russia & Asia Targeted by DLL Hijacking & Social Media C2

Do Son July 31, 2025

Kaspersky Labs has revealed a highly obfuscated cyberespionage campaign targeting Russian IT companies and global businesses, employing...

APT41 Unleashes Full Arsenal in Rare African Cyberespionage Campaign Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

APT41 Unleashes Full Arsenal in Rare African Cyberespionage Campaign

Do Son July 22, 2025

In a newly published report, Kaspersky’s Managed Detection and Response (MDR) team has unveiled a high-level cyberespionage...

GhostContainer: Kaspersky Uncovers Stealthy Backdoor Infiltrating Government & High-Tech Exchange Servers Exchange Backdoor, GhostContainer

GhostContainer: Kaspersky Uncovers Stealthy Backdoor Infiltrating Government & High-Tech Exchange Servers

Do Son July 18, 2025

In a recent incident response operation, Kaspersky Labs uncovered a highly sophisticated backdoor named GhostContainer, designed to...

Cursor AI IDE Hacked: Fraudulent Extension Steals $500K in Crypto from Russian Developer Cursor AI, Crypto Theft

Cursor AI IDE Hacked: Fraudulent Extension Steals $500K in Crypto from Russian Developer

Do Son July 15, 2025

A fraudulent extension for the Cursor AI IDE—an editor built upon Microsoft’s open-source Visual Studio Code—was used...

Spyware Reloaded: SparkKitty Stalks Crypto Wallets via TikTok Mods and Fake Apps

Do Son June 24, 2025

Kaspersky Labs has uncovered a stealthy evolution of mobile spyware connected to the infamous SparkCat campaign. Dubbed...

Librarian Ghouls APT: The Threat Actor Turning Legitimate Tools into a Cybercrime Toolkit

Do Son June 10, 2025

A stealthy Advanced Persistent Threat (APT) group tracked as Librarian Ghouls—also known by aliases Rare Werewolf and...

Kaspersky Exposes Hidden Dangers: Are Your Containers Truly Secure? Container Security

Kaspersky Exposes Hidden Dangers: Are Your Containers Truly Secure?

Do Son June 5, 2025

As containers become the backbone of modern software deployment, many organizations still misjudge their isolation guarantees —...

Kaspersky Report Reveals Growing Threat from Old Exploits and OS Vulnerabilities in Q1 2025 Cybersecurity, Vulnerabilities

Kaspersky Report Reveals Growing Threat from Old Exploits and OS Vulnerabilities in Q1 2025

Do Son June 3, 2025

Kaspersky’s latest “Exploits and vulnerabilities in Q1 2025” shows that attackers are doubling down on aging exploits,...

Outlaw Botnet Exploits Weak SSH to Hijack Linux Systems for Crypto Mining Outlaw botnet, Linux crypto mining

Outlaw Botnet Exploits Weak SSH to Hijack Linux Systems for Crypto Mining

Do Son May 1, 2025

While high-profile ransomware and state-backed APT groups often dominate headlines, it’s crucial not to overlook quieter yet...

Lazarus Group’s “Operation SyncHole” Targets South Korean Industries Lazarus Group, Cyber Espionage Operation SyncHole

Lazarus Group’s “Operation SyncHole” Targets South Korean Industries

Do Son April 27, 2025

Kaspersky Labs has recently revealed a major cyber-espionage campaign conducted by the Lazarus group, dubbed “Operation SyncHole.”...

Sophisticated Backdoor Attack Targets ViPNet Networks Backdoor ViPNet

Sophisticated Backdoor Attack Targets ViPNet Networks

Do Son April 22, 2025

In a recent cybersecurity incident, a sophisticated backdoor targeting large organizations in Russia has been uncovered. The...

Australia Bans Kaspersky Products from Government Systems, Citing “Unacceptable Security Risk”

Do Son February 23, 2025

The Australian Government has issued a new directive banning the use of Kaspersky Lab products and web...

Critical Alert 2 Active Exploits Detected Today