ZCyberNews
中文

#kaspersky

13 articles

This archive collects 14 articles tagged kaspersky published between April 16, 2026 and July 17, 2026, giving security teams a focused view of how this topic has appeared across ZCyberNews coverage. Observed actor references include CrystalX, GoSerpent, and HelloNet, presented only where the underlying article metadata supports the attribution. The affected-scope signals emphasize finance, education, and energy across Global, Russia, and Southeast asia, helping readers compare exposure patterns without adding claims beyond the archive data. Severity coverage includes 1 critical, and 11 high reports.

Diagram of GoSerpent attack chain showing initial deployment, C2 communication, credential dumping, and data exfiltration phasesHIGH
Malware

GoSerpent Backdoor Evolves in Targeted Attacks on Southeast Asian

Kaspersky details the GoSerpent backdoor, active since 2021, targeting government entities in Southeast Asia with a 2026 variant that uses encrypted C2, SOCKS5 proxying, and...

4 min readGoSerpent
Diagram of HelloNet attack chain showing ViPNet update system DLL sideloading leading to HelloInjector, HelloProxy, and HelloBackdoor modulesHIGH
Threat Intel

HelloNet Campaign Hijacks ViPNet Update System to Deploy Malicious

Kaspersky details HelloNet APT campaign targeting Russian government, energy, and transport sectors via ViPNet update system DLL sideloading since May 2026.

4 min readHelloNet
Diagram of OkoBot infection chain showing TookPS initial access, SSH tunnel, and payload delivery stagesHIGH
Malware

OkoBot: New Sophisticated Malware Framework Targets Cryptocurrency

Kaspersky GReAT dissects OkoBot, a multi-stage framework using SSH tunnels and over 20 payloads to steal cryptocurrency wallet seed phrases, browser data, and credentials.

3 min readOkoBot
Bar chart showing percentage of ICS computers blocked by region for Q1 2026, with Northern Europe lowest at 9.1% and Africa highest at 27.4%
Industry News

Industrial ICS Threat Rates Hit Three-Year Low in Q1 2026

Kaspersky ICS CERT reports 19.6% of ICS computers blocked malware in Q1 2026, the lowest rate since Q2 2023.

3 min read
Bar chart showing percentage of incidents missed by automated security tools from Kaspersky 2025 compromise assessment report
Industry News

Kaspersky: 60% of Incidents Missed by Automated Security Tools

Kaspersky Compromise Assessment 2025 findings: 60% of incidents lacked high-confidence alerts; 30.8% of threats persisted over 3 months; 40% of web shells hid in backups.

3 min read
Process tree showing WScript.exe spawned by WhatsApp.Root.exe during VBScript executionHIGH
Malware

WhatsApp VBScript Campaign Delivers RMM Remote Access Malware

Kaspersky details an active global campaign distributing VBS files via WhatsApp that installs UEMS RMM software, enabling persistent remote access across 12 countries including...

3 min read
OceanLotus APT Uses PyPI Packages to Deliver ZiChatBot MalwareHIGH
Malware

OceanLotus APT Uses PyPI Packages to Deliver ZiChatBot Malware

Kaspersky attributes a PyPI supply chain campaign to OceanLotus APT, using fake wheel packages to drop ZiChatBot malware that abuses Zulip chat APIs for C2 on Windows and Linux.

4 min readOceanLotus
ZiChatBot Malware Spreads via PyPI Packages Using Zulip C2HIGH
Malware

ZiChatBot Malware Spreads via PyPI Packages Using Zulip C2

Three PyPI packages deliver ZiChatBot malware on Windows and Linux using Zulip chat APIs for stealthy C2 — Kaspersky identifies 12+ victim organizations globally.

4 min readZiChatBot
CrystalX RAT Combines Spyware, Stealer, and Prankware in MaaS OfferingHIGH
Malware

CrystalX RAT Combines Spyware, Stealer, and Prankware in MaaS Offering

Kaspersky details CrystalX RAT, a MaaS malware with spyware, credential theft, and prankware features targeting Windows users globally since mid-2025.

3 min readCrystalX
Kaspersky: Financial Cyber Threats Surged 15% in 2025HIGH
Threat Intel

Kaspersky: Financial Cyber Threats Surged 15% in 2025

Kaspersky reports a 15% year-over-year increase in financial cyber threats in 2025, with infostealers and phishing dominating. Android banking malware rose 20% in Latin America.

2 min read
26 Fake Crypto Wallet Apps on Apple App Store Steal Seed PhrasesHIGH
Threat Intel

26 Fake Crypto Wallet Apps on Apple App Store Steal Seed Phrases

Kaspersky found 26 malicious apps on the Apple App Store since fall 2025 that impersonate wallets like MetaMask and Coinbase to steal recovery phrases and private keys via…

2 min read
Lotus Wiper Strikes Venezuelan Energy Sector in Destructive CampaignCRITICAL
Malware

Lotus Wiper Strikes Venezuelan Energy Sector in Destructive Campaign

Kaspersky discovered Lotus Wiper, a novel file wiper targeting Venezuela's energy and utilities sector since late 2025.

2 min readLotus Wiper
Industrial Control Systems Face Rising Malware, USB Threats in Q4 2025HIGH
Threat Intel

Industrial Control Systems Face Rising Malware, USB Threats in Q4 2025

Kaspersky data shows malware blocked on 33.3% of industrial control system computers in Q4 2025, with internet threats and removable media as top infection vectors. The share of systems facing USB-borne threats grew to 4.1%.

4 min read

Stay Updated

Get the latest cybersecurity news delivered to your inbox.