LoginGopherWhisper: A burrow full of malware
23 April 2026 at 08:59
ESET Research has discovered a new China-aligned APT group that weβve named GopherWhisper, which targets Mongolian governmental institutions
Normal view
Received β 24 April 2026
β
Security
Received β 22 April 2026
β
Security
New NGate variant hides in a trojanized NFC payment app
21 April 2026 at 08:55
ESET researchers discover another iteration of NGate malware, this time possibly developed with the assistance of AI
Received β 23 March 2026
β
Security
EDR killers explained: Beyond the drivers
19 March 2026 at 09:55
ESET researchers dive deeper into the EDR killer ecosystem, disclosing how attackers abuse vulnerable drivers
Received β 11 March 2026
β
Security
Sednit reloaded: Back in the trenches
10 March 2026 at 09:58
The resurgence of one of Russiaβs most notorious APT groups
Received β 4 March 2026
β
Security
PromptSpy ushers in the era of Android threats using GenAI
19 February 2026 at 10:30
ESET researchers discover PromptSpy, the first known Android malware to abuse generative AI in its execution flow
DynoWiper update: Technical analysis and attribution
30 January 2026 at 10:28
ESET researchers present technical details on a recent data destruction incident affecting a company in Polandβs energy sector
-
WeLiveSecurity
- Love? Actually: Fake dating app used as lure in targeted spyware campaign in Pakistan
Love? Actually: Fake dating app used as lure in targeted spyware campaign in Pakistan
28 January 2026 at 09:59
ESET researchers discover an Android spyware campaign targeting users in Pakistan via romance scam tactics, revealing links to a broader spy operation
ESET Research: Sandworm behind cyberattack on Polandβs power grid in late 2025
23 January 2026 at 16:58
The attack involved data-wiping malware that ESET researchers have now analyzed and named DynoWiper
Received β 21 January 2026
β
Security
Revisiting CVE-2025-50165: A critical flaw in Windows Imaging Component
22 December 2025 at 09:55
A comprehensive analysis and assessment of a critical severity vulnerability with low likelihood of mass exploitation
LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan
18 December 2025 at 10:00
ESET researchers discovered a China-aligned APT group, LongNosedGoblin, which uses Group Policy to deploy cyberespionage tools across networks of governmental institutions
ESET Threat Report H2 2025
16 December 2025 at 09:50
A view of the H2 2025 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts
MuddyWater: Snakes by the riverbank
2 December 2025 at 10:00
MuddyWater targets critical infrastructure in Israel and Egypt, relying on custom malware, improved tactics, and a predictable playbook
PlushDaemon compromises network devices for adversary-in-the-middle attacks
19 November 2025 at 09:55
ESET researchers have discovered a network implant used by the China-aligned PlushDaemon APT group to perform adversary-in-the-middle attacks
ESET APT Activity Report Q2 2025βQ3 2025
6 November 2025 at 09:45
An overview of the activities of selected APT groups investigated and analyzed by ESET Research in Q2 2025 and Q3 2025
Gotta fly: Lazarus targets the UAV sector
23 October 2025 at 04:00
ESET research analyzes a recent instance of the Operation DreamJob cyberespionage campaign conducted by Lazarus, a North Korea-aligned APT group
New spyware campaigns target privacy-conscious Android users in the UAE
2 October 2025 at 08:55
ESET researchers have discovered campaigns distributing spyware disguised as Android Signal and ToTok apps, targeting users in the United Arab Emirates
-
- DeceptiveDevelopment: From primitive crypto theft to sophisticated AI-based deception
DeceptiveDevelopment: From primitive crypto theft to sophisticated AI-based deception
25 September 2025 at 08:59
Malware operators collaborate with covert North Korean IT workers, posing a threat to both headhunters and job seekers
Gamaredon X Turla collab
19 September 2025 at 08:55
Notorious APT group Turla collaborates with Gamaredon, both FSB-associated groups, to compromise highβprofile targets in Ukraine
Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass
12 September 2025 at 09:00
UEFI copycat of Petya/NotPetya exploiting CVE-2024-7344 discovered on VirusTotal
GhostRedirector poisons Windows servers: Backdoors with a side of Potatoes
4 September 2025 at 08:55
ESET researchers have identified a new threat actor targeting Windows servers with a passive C++ backdoor and a malicious IIS module that manipulates Google search results
