Information

Digital Security Look no further to learn how cybercriminals could try to crack your vault and how you can keep your logins safe Phil Muncaster 13 Nov 2025  •  , 5 min. read The average internet user has an estimated 168 passwords for their personal accounts, according to a study from 2024. That’s a massive 68% increase on the tally four years previously. Given the security risks associated with sharing credentials across accounts, and of…

Read More

This blogpost introduces our latest white paper, presented at Virus Bulletin 2025, where we detail the operations of the North Korea-aligned threat actor we call DeceptiveDevelopment and its connections to North Korean IT worker campaigns. The white paper provides full technical details, including malware analysis, infrastructure, and OSINT findings. Here, we summarize the key insights and highlight the broader implications of this hybrid threat. Key points of this blogpost: The invention and focus of the…

Read More

Kids Online You could be getting more than you bargained for when you download that cheat tool promising quick wins 26 Sep 2025  •  , 3 min. read Every day, tens of millions of young people dive into Roblox to build, connect and compete. But with that scale comes opportunity, not just for game designers and players, but also for cybercriminals who disguise malware as cheat tools promising quick wins. There are countless threads on…

Read More

Business Security From unintentional data leakage to buggy code, here’s why you should care about unsanctioned AI use in your company Phil Muncaster 11 Nov 2025  •  , 5 min. read Shadow IT has long been a thorn in the side of corporate security teams. After all, you can’t manage or protect what you can’t see. But things could be about to get a lot worse. The scale, reach and power of artificial intelligence (AI)…

Read More

The past 30 days have seen no shortage of new threats and incidents that brought into sharp relief the need for well-thought-out cyber-resilience plans 29 Sep 2025 As September 2025 comes to a close, ESET Chief Security Evangelist Tony Anscombe reviews a selection of the top cybersecurity stories that have made the headlines over the past 30 days and offers insights that they hold for your own cyber-defenses. So what were some of the key…

Read More

We’re kicking off the month with a focus on the human element: the first line of defense, but also the path of least resistance for many cybercriminals 01 Oct 2025 October is Cybersecurity Awareness Month and what better way to open it than with a reminder that the human element is the first and crucial line of defense against all manner of cyberthreats. Cybercriminals are adept at targeting not just technical flaws, but also take…

Read More

ESET researchers have uncovered two Android spyware campaigns targeting individuals interested in secure communication apps, namely Signal and ToTok. These campaigns distribute malware through deceptive websites and social engineering and appear to target residents of the United Arab Emirates (UAE). Our investigation led to the discovery of two previously undocumented spyware families – Android/Spy.ProSpy, impersonating upgrades or plugins for the Signal and ToTok messaging apps; and Android/Spy.ToSpy, impersonating the ToTok app. Neither app containing the…

Read More