Information

Have you ever received a package you never ordered? It could be a warning sign that your data has been compromised, with more fraud to follow. Phil Muncaster 23 Dec 2025  •  , 5 min. read Global e-commerce sales are predicted to exceed $6.4 trillion in 2025. And a large share of these will come via marketplaces. But while they ostensibly offer convenience and safety for consumers and expanded reach for businesses, there is a…

Read More

ESET researchers examined CVE‑2025‑50165, a serious Windows vulnerability described to grant remote code execution by merely opening a specially crafted JPG file – one of the most widely used image formats. The flaw, found and documented by Zscaler ThreatLabz, piqued our interest, as Microsoft assessed its severity as critical but deemed its exploitability as less likely. Our root cause analysis allowed us to pinpoint the exact location of the faulty code and reproduce the crash.…

Read More

In 2024, ESET researchers noticed previously undocumented malware in the network of a Southeast Asian governmental entity. This led us to uncover even more new malware on the same system, none of which had substantial ties to any previously tracked threat actors. Based on our findings, we decided to attribute the malicious tools to a new China-aligned APT group that we have named LongNosedGoblin. The group employs a varied custom toolset consisting mainly of C#/.NET…

Read More

ESET Research A view of the H2 2025 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts Jiří Kropáč 16 Dec 2025  •  , 2 min. read The second half of the year underscored just how quickly attackers adapt and innovate, with rapid changes sweeping across the threat landscape. AI-powered malware moved from theory to reality in H2 2025, as ESET discovered PromptLock, the first known…

Read More

Business Security Behind the polished exterior of many modern buildings sit outdated systems with vulnerabilities waiting to be found Tony Anscombe 12 Dec 2025  •  , 3 min. read “A City of a Thousand Zero Days” is the partial title of a talk at Black Hat Europe 2025. I am sure you will appreciate why these few words sparked my interest enough to dedicate time to the presentation; especially given that back in 2019 I…

Read More

I recently had, what I thought, was a unique brainwave. (Spoiler alert: it wasn’t, but please read on!) As a marketing leader at ESET UK, part of my role is to communicate how our powerful and comprehensive solutions can be implemented to protect organisations, in a way that helps clarify the case for upgrading to higher levels of cybersecurity. And that need for clarity is now more urgent than ever. Cybersecurity leaders and agencies, including…

Read More

Business Security Being seen as reliable is good for ‘business’ and ransomware groups care about ‘brand reputation’ just as much as their victims Tony Anscombe 11 Dec 2025  •  , 4 min. read Black Hat Europe 2025 opened with a presentation by Max Smeets of Virtual Rotes titled ‘Inside the Ransomware Machine’. The talk focused on the LockBit ransomware-as-a-service (RaaS) gang and Max’s research into their practices and operations. At their height, between 2022-2024, the…

Read More