Kaspersky continues to lead the charge with timely warnings, product launches, and strategic initiatives.
The company has issued critical alerts on emerging vulnerabilities while bolstering its portfolio for businesses worldwide.
These updates underscore Kaspersky’s commitment to proactive defense amid rising AI integration, automotive cyber risks, and complex attack surfaces.
One pressing concern highlighted by Kaspersky involves the potential misuse of open-source AI technologies.
The company’s Global Emergency Response Team (GERT) has warned that the Model Context Protocol (MCP), an open-source connector released by Anthropic in 2024, could be exploited by cybercriminals as a supply chain attack vector.
MCP standardizes connections between large language models (LLMs) and external tools, enabling tasks like document management, API access, and CRM integration.
However, Kaspersky’s proof-of-concept research reveals how attackers could hijack MCP servers to siphon sensitive data—such as browser passwords, credit card details, cryptocurrency wallets, and cloud configurations—or execute malicious code, install backdoors, and deploy ransomware.
Using the AI client Cursor as an example, the team demonstrated data harvesting from development environments, though no real-world incidents have been observed yet.
Mohamed Ghobashy, Incident Response Specialist at GERT, said:
“Supply chain attacks remain one of the most pressing threats… businesses may lower their guard and, by adopting a seemingly legitimate but unproven custom MCP… end up suffering a data leak.”
To mitigate risks, Kaspersky recommends vetting MCP installations with scans and whitelists, isolating servers in containers, monitoring for anomalies, and leveraging managed services like Managed Detection and Response (MDR).
Detailed findings are available in their white paper.
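The allowlist vetting recommended above can be sketched as a small audit script. This is an added example, not code from Kaspersky or its white paper. It assumes the `mcpServers` JSON layout used by MCP clients such as Cursor, and every package name, host and path in it is constructed.

```python
import json
from urllib.parse import urlparse

# Constructed allowlist (assumption): entries a security team has already reviewed.
APPROVED_PACKAGES = {"@example-corp/docs-mcp@1.4.2"}
APPROVED_HOSTS = {"mcp.internal.example"}
LAUNCHERS = {"npx", "uvx", "pipx", "bunx"}  # runners that fetch and execute a package

def is_pinned(spec):
    """True if a package spec carries an @version or ==version suffix."""
    body = spec[1:] if spec.startswith("@") else spec  # skip the npm scope '@'
    return "@" in body or "==" in body

def audit_mcp_config(config):
    """Return (server, finding) pairs for entries that fail the allowlist."""
    findings = []
    for name, entry in config.get("mcpServers", {}).items():
        if "url" in entry:  # remote server: only approved hosts may be contacted
            host = urlparse(entry["url"]).hostname
            if host not in APPROVED_HOSTS:
                findings.append((name, f"remote host not approved: {host}"))
            continue
        command = entry.get("command", "")
        args = entry.get("args", [])
        if command in LAUNCHERS:
            # The first non-flag argument is the package the launcher downloads.
            spec = next((a for a in args if not a.startswith("-")), None)
            if spec is None:
                findings.append((name, "launcher without a package argument"))
            elif not is_pinned(spec):
                findings.append((name, f"unpinned package: {spec}"))
            elif spec not in APPROVED_PACKAGES:
                findings.append((name, f"package not approved: {spec}"))
        else:
            findings.append((name, f"unreviewed local command: {command}"))
    return findings

# Constructed sample configuration in the mcpServers layout.
SAMPLE = json.loads("""{"mcpServers": {
  "docs":   {"command": "npx", "args": ["-y", "@example-corp/docs-mcp@1.4.2"]},
  "helper": {"command": "npx", "args": ["-y", "devtools-mcp"]},
  "crm":    {"url": "https://mcp.unknown.example/sse"},
  "local":  {"command": "/tmp/run.sh", "args": []}
}}""")

if __name__ == "__main__":
    for server, finding in audit_mcp_config(SAMPLE):
        print(f"{server}: {finding}")
```

Run against each developer's MCP configuration file, a non-empty result means a server should be blocked or reviewed before the client is allowed to start it.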
Shifting focus to global threats, Kaspersky has unveiled the agenda for its Security Analyst Summit (SAS) 2025, set for October 26–29 in Khao Lak, Thailand.
This four-day event will gather nearly 200 cybersecurity experts to tackle automotive security, advanced persistent threats (APTs), AI vulnerabilities, and broader geopolitical cyber risks.
A spotlight falls on connected vehicles, with sessions exploring dash cameras as attack vectors, zero-day flaws in automotive supply chains, and exploits in Kia’s head units.
Other highlights include smartphone interconnectivity breaches, browser extension weaknesses, embedded device threats, and a new Bluenoroff campaign targeting crypto and data theft in Chinese AI infrastructure.
The summit culminates in the finals of an international Capture The Flag (CTF) competition, boasting an $18,000 prize pool for top teams.
With speakers from DARKNAVY, NSFOCUS, and Kaspersky’s ICS CERT, SAS 2025 promises actionable insights for fortifying digital ecosystems.
Complementing these educational efforts, Kaspersky has launched Kaspersky Next XDR Optimum, a cybersecurity suite for medium-sized businesses.
Aimed at organizations with moderate budgets and IT teams handling established infrastructures, this solution builds on the Kaspersky Next line by integrating endpoint protection, extended detection and response (XDR), and cloud-based analytics.
Key features include ML-driven anti-ransomware tools, automated threat tracing, a Cloud Sandbox for rapid file investigations, system hardening via vulnerability management, and Shadow IT controls for Microsoft 365.
It enables self-managed defenses against evasive attacks, with seamless upgrades from prior EDR versions and flexible cloud or on-premise deployment.
Unlike the managed MXDR Optimum or enterprise-focused XDR Expert, this product empowers in-house teams without extensive resources.
Ilya Markelov, Head of the Unified Platform Product Line:
“These solutions… require minimal time and resources but significantly strengthen the company’s defenses.”
Finally, Kaspersky is expanding its Digital Footprint Intelligence (DFI) service with a new External Attack Surface module, integrated into the Threat Intelligence portal.
This addition introduces External Attack Surface Management (EASM) to monitor internet-facing assets, detect misconfigurations like outdated software or open ports, and assign risk scores for prioritization.
By aggregating data from specialized search engines and retaining historical records, it aids in tracking changes, investigating incidents, and providing mitigation advice—such as patching services or enforcing VPNs.
Benefits include proactive exposure reduction amid sprawling cloud and shadow IT environments.
Yuliya Novikova, Head of DFI at Kaspersky:
“With the External Attack Surface module, we give [teams] not only visibility… but also recommendations to reduce exposure.”