EDR

Hacktivist outfits, namely 4BID, Hakerskii Kit, and C.A.S., are now targeting organizations across Kazakhstan, the UAE, Egypt, and Syria.

Over the past two months, the anonymous researcher Nightmare Eclipse has publicly released six Windows vulnerabilities complete with ready-to-use exploits, without prior coordination with Microsoft. The most critical of these is MiniPlasma.

Targeted by threat actors: individuals and organizations across 100+ countries and territories, with the majority of victims located in Russia, Brazil, Turkey, Spain, Germany, France, Italy, and China.

The vulnerability affects kernels released between 2017 and 2026. Both outdated server configurations and modern distributions are at risk: Ubuntu, RHEL etc.

The Silver Fox group is targeting companies in Russia and India by impersonating tax authorities to distribute ValleyRAT and the new ABCDoor backdoor.

Kaspersky researchers analyze the attack chain of a highly destructive Lotus Wiper that can be linked to a targeted attack on the energy and utilities sector.

We examine how Kaspersky Anti Targeted Attack detects the network activity of AdaptixC2 agents across HTTP/S, TCP, SMB, and other protocols, and how EDR solutions identify post-exploitation activities on a host.

In April 2026, cpuid.com delivered trojanized CPU-Z and HWMonitor installers with STX RAT. 150+ victims in Brazil, Russia, China.

Kaspersky GReAT experts discovered previously undocumented infection chains used in the Notepad++ supply chain attacks. The article provides new IoCs related to those incidents which employ DLL sideloading and Cobalt Strike Beacon delivery.

On January 20, Kaspersky solutions detected malware used in eScan antivirus supply chain attack. In this article we provide available information on the threat: indicators of compromise, threat hunting and mitigating tips, etc.