Award-winning news, views, and insight from the ESET security community
Anton Cherepanov, Peter Strýček, Damien Schaeffer • 11 Aug 2025 • 8 min. read
ESET Research
Update WinRAR tools now: RomCom and others exploiting zero-day vulnerability
ESET Research • 24 Jul 2025 • 3 min. read
ToolShell: An all-you-can-eat buffet for threat actors
Nikola Knežević • 15 Jul 2025 • 13 min. read
Unmasking AsyncRAT: Navigating the labyrinth of forks
Business Security
Ransomware
Resilience in the face of ransomware: A key to business survival
Making it stick: How to get the most out of cybersecurity training
Video
WinRAR zero-day exploited in espionage attacks against high-value targets
The attacks used spearphishing campaigns to target financial, manufacturing, defense, and logistics companies in Europe and Canada, ESET research finds
Editor • 11 Aug 2025
ESET Research discovered a zero-day vulnerability in WinRAR being exploited in the wild in the guise of job application documents; the weaponized archives exploited a path traversal flaw to compromise their targets
Anton Cherepanov, Peter Strýček, Damien Schaeffer • 11 Aug 2025
Black Hat USA 2025: Is a high cyber insurance premium about your risk, or your insurer’s?
A sky-high premium may not always reflect your company’s security posture
Tony Anscombe • 08 Aug 2025
Mobile Security
Android adware: What is it, and how do I get it off my device?
Is your phone suddenly flooded with aggressive ads, slowing down performance or leading to unusual app behavior? Here’s what to do.
Phil Muncaster • 08 Aug 2025
Black Hat USA 2025: Policy compliance and the myth of the silver bullet
Who’s to blame when the AI tool managing a company’s compliance status gets it wrong?
Tony Anscombe • 07 Aug 2025
Black Hat USA 2025: Does successful cybersecurity today increase cyber-risk tomorrow?
Success in cybersecurity is when nothing happens, plus other standout themes from two of the event’s keynotes
Podcasts
ESET Threat Report H1 2025: ClickFix, infostealer disruptions, and ransomware deathmatch
Threat actors are embracing ClickFix, ransomware gangs are turning on each other – toppling even the leaders – and law enforcement is disrupting one infostealer after another
ESET Research • 05 Aug 2025
Is your phone spying on you? | Unlocked 403 cybersecurity podcast (S2E5)
Here's what you need to know about the inner workings of modern spyware and how to stay away from apps that know too much
Editor • 01 Aug 2025
Privacy
Why the tech industry needs to stand firm on preserving end-to-end encryption
Restricting end-to-end encryption on a single-country basis would not only be absurdly difficult to enforce, but it would also fail to deter criminal activity
Tony Anscombe • 01 Aug 2025
This month in security with Tony Anscombe – July 2025 edition
Here's a look at cybersecurity stories that moved the needle, raised the alarm, or offered vital lessons in July 2025
Editor • 31 Jul 2025
Digital Security
The hidden risks of browser extensions – and how to stay safe
Not all browser add-ons are handy helpers – some may contain far more than you have bargained for
Phil Muncaster • 29 Jul 2025
SharePoint under fire: ToolShell attacks hit organizations worldwide
The ToolShell bugs are being exploited by cybercriminals and APT groups alike, with the US on the receiving end of 13 percent of all attacks
Editor • 25 Jul 2025
Sign up for our newsletters
