Unix and macOS malware

The report presents key trends and statistics on malware that targets personal computers running Windows and macOS, as well as Internet of Things (IoT) devices, during the third quarter of 2025.

Kaspersky GReAT experts dive deep into the BlueNoroff APT’s GhostCall and GhostHire campaigns. Extensive research detailing multiple malware chains targeting macOS, including a stealer suite, fake Zoom and Microsoft Teams clients and ChatGPT-enhanced images.

The npm registry contains a malicious package that downloads the AdaptixC2 agent onto victims’ devices, Kaspersky experts have found. The threat targets Windows, Linux, and macOS.

We dissect a recent incident where npm packages with millions of downloads were infected by the Shai-Hulud worm. Kaspersky experts describe the starting point for the source of the infection.

The report presents statistics for Windows, macOS, IoT, and other threats, including ransomware, miners, local and web-based threats, for Q2 2025.

We analyze the built-in protection mechanisms in macOS: how they work, how threat actors can attack them or deceive users, and how to detect such attacks.

The report presents statistics for Windows, macOS, IoT, and other threats, including ransomware, miners, local and web-based threats, for Q1 2025.

This report contains statistics on vulnerabilities and published exploits, along with an analysis of the most noteworthy vulnerabilities we observed in the first quarter of 2025.

Kaspersky experts break down an updated cryptojacking campaign targeting containerized environments: a Dero crypto miner abuses the Docker API.

The Kaspersky Global Emergency Response Team (GERT) detected an Outlaw mining botnet in a customer incident. In this article, we share insights into this botnet’s SSH-based infection chain.

While the CrowdStrike incident is still fresh in our minds, Kaspersky experts look back on similar IT outages that happened in 2024 and predict potential threats for 2025.

Kaspersky researchers demonstrate capabilities of hrtng plugin for IDA Pro, share tips on working with IDA and reverse engineer FinSpy malware with these tools.

The “Kaspersky Security Bulletin 2024. Statistics” report contains statistics on cyberthreats for the period from November 2023 through October 2024. It covers such threats as financial malware, ransomware, miners, malware for IoT and macOS, vulnerabilities and others.

The non-mobile threat report for Q3 2024 contains data on ransomware, miners, and macOS and IoT threats.

In this part of the malware report we discuss the most remarkable findings of Q3 2024, including APT and hacktivist attacks, ransomware, stealers, macOS malware and so on.