CyberSecurity Updates

ESET researchers provide insights into how PlushDaemon performs adversary-in-the-middle attacks using a previously undocumented network implant that we have named EdgeStepper, which redirects all DNS queries to an external, malicious hijacking node, effectively rerouting the traffic from legitimate infrastructure used for software updates to attacker-controlled infrastructure. Key points in this blogpost: We analyzed the network implant EdgeStepper to understand how PlushDaemon attackers compromise their targets. We provide an analysis of LittleDaemon and DaemonicLogistics, two downloaders…

Here’s how open-source intelligence helps trace your digital footprint and uncover your weak points, plus a few essential tools to connect the dots Mario Micucci 20 Nov 2025  •  , 5 min. read Whatever the reason, we spend vast amounts of time online, tapping into the untold expanse of information, communication and resources. Sometimes, the challenge isn’t finding some data, but knowing what’s relevant, real and worth trusting. Anyone working with information needs to be…

Does your chatbot know too much? Here’s why you should think twice before you tell your AI companion everything. Phil Muncaster 17 Nov 2025  •  , 4 min. read In the movie “Her” the film’s hero strikes up an ultimately doomed romantic relationship with a sophisticated AI system. At the time of its release in 2013, such a scenario was firmly in the realms of science fiction. But with the emergence of generative AI (GenAI)…

Digital Security Look no further to learn how cybercriminals could try to crack your vault and how you can keep your logins safe Phil Muncaster 13 Nov 2025  •  , 5 min. read The average internet user has an estimated 168 passwords for their personal accounts, according to a study from 2024. That’s a massive 68% increase on the tally four years previously. Given the security risks associated with sharing credentials across accounts, and of…