IT threat evolution in Q1 2026. Mobile statistics

IT threat evolution in Q1 2026. Mobile statistics IT threat evolution in Q1 2026. Non-mobile statistics In the third quarter of 2025, we updated the methodology for calculating statistical indicators based on the Kaspersky Security Network. These changes affected all sections of the report except...

Financial cyberthreats in 2025 and the outlook for 2026

In 2025, the financial cyberthreat landscape continued to evolve. While traditional PC banking malware declined in relative prevalence, this shift was offset by the rapid growth of credential theft by infostealers. Attackers increasingly relied on aggregation and reuse of stolen data, rather than...

Mobile malware evolution in 2025

Starting from the third quarter of 2025, we have updated our statistical methodology based on the Kaspersky Security Network. These changes affect all sections of the report except for the installation package statistics, which remain unchanged. To illustrate trends between reporting periods, we...

EUVD-2014-6069

Malware in sbrugna...

EUVD-2014-6084

Malware in sbrugna...

EUVD-2013-5282

Malware in sbrugna...

EUVD-2014-6083

Malware in sbrugna...

EUVD-2014-6075

Malware in sbrugna...

EUVD-2016-0236

Malware in sbrugna...

Detecting DLL hijacking with machine learning: real-world cases

Introduction Our colleagues from the AI expertise center recently developed a machine-learning model that detects DLL-hijacking attacks. We then integrated this model into the Kaspersky Unified Monitoring and Analysis Platform SIEM system. In a separate article, our colleagues shared how the mode...

EUVD-2023-24088

Malicious code in bioql PyPI...

EUVD-2021-29659

Malicious code in bioql PyPI...

CVE-2024-30977

An issue in Secnet Security Network Intelligent AC Management System v.1.02.040 allows a local attacker to escalate privileges via the password component...

CVE-2020-11159

Buffer over-read can happen while processing WPA,RSN IE of beacon and response frames if IE length is less than length of frame pointer being accessed in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon...

CVE-2025-30165

CVE-2025-30165 : In multi-node vLLM deployments using the V0 engine, a secondary host opens a SUB socket and deserializes inbound data with Python’s unsafe pickle over ZeroMQ XPUB/SUB, enabling remote code execution. The issue affects V0 deployments with tensor parallelism across hosts; V1 is una...

Mobile malware evolution in 2024

These statistics are based on detection alerts from Kaspersky products, collected from users who consented to provide statistical data to Kaspersky Security Network. The statistics for previous years may differ from earlier publications due to a data and methodology revision implemented in 2024...

Watch where you point that cred! Part 1

TL;DR Poorly protected authentication requests from privileged automated tasks e.g. vulnerability scanners, health checks could be intercepted by rogue authentication servers planted in the internal network. Weak authentication methods, overly broad privileges and scopes, as well as poor network...

Siemens COMOS XXE Injection Vulnerability (CNVD-2024-47911)

COMOS is a unified data platform for collaborative plant design, operations and management that supports the collection, processing, preservation and distribution of information throughout the plant lifecycle. Siemens COMOS suffers from an XXE injection vulnerability that can be exploited by an...

Kaspersky Security Bulletin 2024. Statistics

All statistics in this report come from Kaspersky Security Network KSN, a global cloud service that receives information from components in our security solutions voluntarily provided by Kaspersky users. Millions of Kaspersky users around the globe assist us in collecting information about...

CVE-2024-7940

The product exposes a service that is intended for local only to all network interfaces without any authentication...