This blogpost covers newly discovered activities attributed to FrostyNeighbor, targeting governmental organizations in Ukraine. FrostyNeighbor has been running continual cyberoperations, changing and ...

ESET researchers uncovered fraudulent apps on Google Play that claim to provide the call history “for any number” and had ...

How come it’s still possible to ‘secure’ an online account with a six-digit string? The solution is (un)surprisingly simple.

ESET researchers have investigated an ongoing attack by the ScarCruft APT group that targets the Yanbian region via ...

Social commerce has gone mainstream. According to one estimate, the industry was on track to be worth over $1.1 trillion globally in 2025, with over half of young people buying on social media sites.

Receiving a data breach notice may have once been a rare event. With data breaches hitting record numbers, however, these notifications are no longer as surprising as they once were. In the US alone, ...

ESET Research has discovered a new variant of the NGate malware family that abuses a legitimate Android application called HandyPay, instead of the previously leveraged NFCGate tool. The threat actors ...

ESET-Forscher haben auf Google Play betrügerische Apps entdeckt, die angeblich den Anrufverlauf „jeder beliebigen Nummer“ ...

In March 2024, an affiliate of the BlackCat ransomware gang took to a cybercrime forum with a complaint. They’d carried out the attack on Change Healthcare – one of the largest healthcare data ...

ESET researchers have discovered a previously undocumented China-aligned APT group that we named GopherWhisper. The group wields a wide array of tools mostly written in Go, using injectors and loaders ...

There’s a bit of a pattern in the history of organizational failures that repeats too often to be a coincidence: A system runs smoothly for a long stretch, causing everyone to grow confident in it.

ESET Research discovered a zero-day vulnerability in WinRAR being exploited in the wild in the guise of job application documents; the weaponized archives exploited a path traversal flaw to compromise ...