Threat landscape for industrial automation systems. Q1 2026
This report contains industrial threat statistics for Q1 2026, including industrial threat distribution by type, source, region and industry.
Kaspersky Security Bulletin contains statistics on various cyberthreats for the period from November 2024 to October 2025, which are based on anonymized data voluntarily provided by Kaspersky users via Kaspersky Security Network (KSN).
An in-depth analysis of Umbrij, a new tool used by the ToddyCat APT group to compromise corporate email communications in Gmail. The attack targeted OAuth authorization tokens, allowing threat actors to gain access to Google services.
Cloud Atlas attacks the public sector and diplomatic structures of Russia and Belarus, using ReverseSocks, SSH, and Tor for persistence in infected systems and its new tool, PowerCloud.
Kaspersky researchers analyze a range of new PebbleDash-based tools used in recent Kimsuky campaigns and reveal their connection to the AppleSeed malware cluster.
Kaspersky researchers uncovered malicious wheel packages in PyPI that targeted both Windows and Linux and contained a dropper delivering malware dubbed ZiChatBot. We attribute this activity to OceanLotus APT.