MuddyWater targets critical infrastructure in Israel and Egypt, relying on custom malware, improved tactics, and a predictable playbook

ESET researchers have discovered a network implant used by the China-aligned PlushDaemon APT group to perform adversary-in-the-middle attacks

An overview of the activities of selected APT groups investigated and analyzed by ESET Research in Q2 2025 and Q3 2025

ESET research analyzes a recent instance of the Operation DreamJob cyberespionage campaign conducted by Lazarus, a North Korea-aligned APT group

ESET researchers have discovered campaigns distributing spyware disguised as Android Signal and ToTok apps, targeting users in the United Arab Emirates

Malware operators collaborate with covert North Korean IT workers, posing a threat to both headhunters and job seekers

Notorious APT group Turla collaborates with Gamaredon, both FSB-associated groups, to compromise high‑profile targets in Ukraine

UEFI copycat of Petya/NotPetya exploiting CVE-2024-7344 discovered on VirusTotal

ESET researchers have identified a new threat actor targeting Windows servers with a passive C++ backdoor and a malicious IIS module that manipulates Google search results

The discovery of PromptLock shows how malicious use of AI models could supercharge ransomware and other threats

ESET Research discovered a zero-day vulnerability in WinRAR being exploited in the wild in the guise of job application documents; the weaponized archives exploited a path traversal flaw to compromise their targets

ESET Research has been monitoring attacks involving the recently discovered ToolShell zero-day vulnerabilities

ESET researchers map out the labyrinthine relationships among the vast hierarchy of AsyncRAT variants

ESET Research analyzes Gamaredon’s updated cyberespionage toolset, new stealth-focused techniques, and aggressive spearphishing operations observed throughout 2024

A view of the H1 2025 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts

ESET researchers analyzed a cyberespionage campaign conducted by BladedFeline, an Iran-aligned APT group with likely ties to OilRig

ESET Research shares its findings on the workings of Danabot, an infostealer recently disrupted in a multinational law enforcement operation

Our intense monitoring of tens of thousands of malicious samples helped this global disruption operation

An overview of the activities of selected APT groups investigated and analyzed by ESET Research in Q4 2024 and Q1 2025

ESET researchers uncover a Russia-aligned espionage operation targeting webmail servers via XSS vulnerabilities

ESET researchers analyzed Spellbinder, a lateral movement tool used to perform adversary-in-the-middle attacks

ESET researchers discover new ties between affiliates of RansomHub and of rival gangs Medusa, BianLian, and Play

ESET researchers uncover the toolset used by the FamousSparrow APT group, including two undocumented versions of the group’s signature backdoor, SparrowDoor

ESET researchers detail a global espionage operation by FishMonger, the APT group run by I‑SOON

ESET researchers uncovered MirrorFace activity that expanded beyond its usual focus on Japan and targeted a Central European diplomatic institute with the ANEL backdoor

Big shifts in the infostealer scene, novel attack vector against iOS and Android, and a massive surge in investment scams on social media

ESET researchers analyzed a campaign delivering malware bundled with job interview challenges