SMB

A targeted supply chain attack via popular software for mounting disk images.

How and why droids from a galaxy far, far away switch their allegiances.

Building a functional app without programming skills is now a possibility, but maintaining it and ensuring cybersecurity remains a challenge. Here are several protective measures that even non-technical creators can implement.

Researchers have established that fiber-optic cables can be exploited for eavesdropping. We’re breaking down how feasible such an attack is in a real-world scenario.

We’re breaking down why developers have moved into the crosshairs, the specific tactics attackers are using, and how to reduce the risks of company infrastructure being compromised.

GDDRHammer, GeForge, and GPUBreach: three new research papers diving into attacks that exploit the Rowhammer technique.

Protecting a security console is more critical than one might think. Here’s the lowdown on control-layer compromise, and how to keep it from happening.

How to manage vulnerabilities when developing or using open-source software.

How the AI boom and increasing reliance on open-source components are piling up corporate security debt — and what you can actually do about it.

How open-source security solutions became the starting point for a massive attack on other popular applications, and what organizations that use them should do.

In November 2025, the npm ecosystem was hit by a flood of junk packages that were part of the IndonesianFoods malicious campaign. We’re breaking down the lessons learned from this incident.

Threat actors are promoting pages containing malicious instructions for installing AI agents intended for workflow automation.

The latest update to Kaspersky Cloud Workload Security adds support for an AI assistant for image analysis.

An in-depth analysis of CVE-2026-3102, a vulnerability posing a potential threat to anyone processing images on a Mac.

Various cases of the ClickFix technique used in real world attacks.

Attackers are delivering phishing links via Google Tasks notifications.

What is the year 2038 problem — also known as “Unix Y2K” — and how to prepare corporate IT systems for it?

Crooks are impersonating your brand to attack customers, partners, and employees. How do you spot — and stop — an attack of the clones?

Who can you trust in the cybersecurity solutions market? Fourteen major vendors were compared in terms of transparency, security management, and data-handling practices – and guess which was a leader across the board?!…

Millions of websites based on React and Next.js contain an easy-to-exploit vulnerability that can lead to complete server takeover. How to check if your server is vulnerable, and protect corporate web assets?

Here’s how to mitigate the risks of targeted attacks on your organization’s mail servers.