ESET Archives

Huntress, Microsoft Detail the Continued Popularity, Evolution of ClickFix Attacks

Jeffrey Burt | February 19, 2026 | clickfix, ESET, Huntress cybersecurity findings, infostealer malware, Intego, macos, MalwareBytes, Matanbuchus, Microsoft Threat Intelligence, Ransomware, Rhadamanthys, Windows threats

ClickFix, an attack technique used to trick victims into pasting or clicking on malicious commands, has rapidly become a favorite method of threat groups. Recent reports by Huntress, Microsoft, and Intego detail ...

Security Boulevard

NYU Scientists Develop, ESET Detects First AI-Powered Ransomware

Jeffrey Burt | September 4, 2025 | ESET, Generative AI risks, Large language models (LLMs), OpenAI, Ransomware

Scientists at NYU developed a ransomware prototype that uses LLMs to autonomously to plan, adapt, and execute ransomware attacks. ESET researchers, not knowing about the NYU project, apparently detected the ransomware, saying ...

Security Boulevard

Law Enforcement, Microsoft Disrupt Operations of Popular Lumma Stealer

Jeffrey Burt | May 22, 2025 | Cyber Attacks Microsoft, ESET, infostealer, Lumma Stealer, Ransomware

International law enforcement agencies and cybersecurity vendors seized thousands of domains used to run the MaaS operations of the widely popular Lumma Stealer malware, which was used to facilitate ransomware, malvertising, and ...

Security Boulevard

Microsoft Windows malware software supply chain

ESET: Chinese Adware Opens Windows Systems to More Threats

Jeffrey Burt | July 18, 2024 | Administrative Privileges, ESET, Microsoft, windows malware

Malware pretending to offer a safe web-browsing experience can alter what the users sees on the requested page or direct them to another one and also allows other bad actors to run ...

Security Boulevard

Evasive Panda Cyber Attacks: Threat Actor Targets Tibetans

Wajahat Raja | March 22, 2024 | Advanced persistent threat (APT), China-linked Hackers, cyber attacks, Cyber Espionage, Cybersecurity, Cybersecurity News, ESET, Evasive Panda, malicious code, Malware Tactics, MgBot, Monlam Festival, Nightdoor Backdoor, Supply Chain Attacks, threat actors, Tibetans, watering hole attacks

Cybersecurity experts at ESET have come across a malicious campaign that targets Tibetans in many countries by leveraging the website of a religious gathering. Evasive Panda cyber attacks are associated with a ...

TuxCare

Russian Hackers Target Ukraine Via A Disinformation Campaign

Wajahat Raja | March 7, 2024 | Alexei Navalny, Callisto Group, COLDRIVER, credential harvesting, cyber warfare, Cybersecurity Measures, Cybersecurity News, disinformation campaign, ESET, Kyivstar, Microsoft, Operation Texonto, phishing campaign, Russian hackers, The Hacker News, The Record, Ukraine, Vladimir Putin

Disinformation campaigns play an important role in cyber warfare, and this is exactly what Russian hackers target Ukraine. After waging war on Ukraine on land, Russia is attacking the East European country ...

TuxCare

3CX Breach Was a Double Supply Chain Compromise

We learned some remarkable new details this week about the recent supply-chain attack on VoIP software provider 3CX, a complex, lengthy intrusion that has the makings of a cyberpunk spy novel: North ...

Krebs on Security

The Link Between AWM Proxy & the Glupteba Botnet

On December 7, 2021, Google announced it had sued two Russian men allegedly responsible for operating the Glupteba botnet, a global malware menace that has infected millions of computers over the past ...

Krebs on Security

2021 Marred by Aggressive APTs; RDP Attacks up 897%

Teri Robinson | February 14, 2022 | APTs, Coronavirus malware, ESET, RDP

While much of the world tried to regain some semblance of normalcy in 2021 after the onset of the COVID-19 pandemic the year before, cyberattackers were hard at work ushering in the ...

Security Boulevard

Extracting Security Products from SUNBURST DNS Beacons

Erik Hjelmvik | December 29, 2020 | beacon, C2, Carbon Black, CB28867A08967B43, CrowdStrike Falcon, dns, ESET, f-secure, fireeye, SolarWinds, Solorigate, SUNBURST, SunburstDomainDecoder, Windows Defender

The latest version of our SunburstDomainDecoder (v1.7) can be used to reveal which endpoint protection applications that are installed on trojanized SolarWinds Orion deployments. The security application info is extracted from DNS ...

NETRESEC Network Security Blog

ESET

Senator Sanders Wants to Own AI Companies — and Hand America’s Adversaries the Keys

NIST’s Nine: The PQC Signature Race Moves to Round Three

The Quantum Arms Race: Why Washington Just Wrote a $2 Billion Check to Nine Companies

Beyond Moore’s Law: The Hyper-Acceleration of Autonomous AI Cyber Capabilities

The Exception Economy: When Security Teams Stop Protecting and Start Negotiating

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On