Kaspersky Lab site is now open to XSS (cross-site scripting) attacks together with Iframe injections. This is not good for any company, especially for a company dealing with security.
An XSS attack launches when a web program collects vicious data from an end-user mostly via a hyperlink that carries malicious content inside it. Thus, as the end-user clicks on the hyperlink while on another site, or via any other mode of connection, the attacker compromises his data.
Here is a screenshot of the bug:
Vulnerable link: KasperskyXSS
Update : the Vulnerability have been fixed