Award-winning news, views, and insight from the ESET security community
Anton Cherepanov, Peter Strýček, Damien Schaeffer • 11 Aug 2025 • 8 min. read
ESET Research
Update WinRAR tools now: RomCom and others exploiting zero-day vulnerability
ESET Research • 24 Jul 2025 • 3 min. read
ToolShell: An all-you-can-eat buffet for threat actors
Nikola Knežević • 15 Jul 2025 • 13 min. read
Unmasking AsyncRAT: Navigating the labyrinth of forks
Business Security
Ransomware
Resilience in the face of ransomware: A key to business survival
Making it stick: How to get the most out of cybersecurity training
Supply-chain dependencies: Check your resilience blind spot
Does your business truly understand its dependencies, and how to mitigate the risks posed by an attack on them?
Tony Anscombe • 12 Aug 2025
Kids Online
How the always-on generation can level up its cybersecurity game
Digital natives are comfortable with technology, but may be more exposed to online scams and other threats than they think
Phil Muncaster • 12 Aug 2025
Video
WinRAR zero-day exploited in espionage attacks against high-value targets
The attacks used spearphishing campaigns to target financial, manufacturing, defense, and logistics companies in Europe and Canada, ESET research finds
Editor • 11 Aug 2025
ESET Research discovered a zero-day vulnerability in WinRAR being exploited in the wild in the guise of job application documents; the weaponized archives exploited a path traversal flaw to compromise their targets
Anton Cherepanov, Peter Strýček, Damien Schaeffer • 11 Aug 2025
Black Hat USA 2025: Is a high cyber insurance premium about your risk, or your insurer’s?
A sky-high premium may not always reflect your company’s security posture
Tony Anscombe • 08 Aug 2025
Mobile Security
Android adware: What is it, and how do I get it off my device?
Is your phone suddenly flooded with aggressive ads, slowing down performance or leading to unusual app behavior? Here’s what to do.
Phil Muncaster • 08 Aug 2025
Black Hat USA 2025: Policy compliance and the myth of the silver bullet
Who’s to blame when the AI tool managing a company’s compliance status gets it wrong?
Tony Anscombe • 07 Aug 2025
Black Hat USA 2025: Does successful cybersecurity today increase cyber-risk tomorrow?
Success in cybersecurity is when nothing happens, plus other standout themes from two of the event’s keynotes
Podcasts
ESET Threat Report H1 2025: ClickFix, infostealer disruptions, and ransomware deathmatch
Threat actors are embracing ClickFix, ransomware gangs are turning on each other – toppling even the leaders – and law enforcement is disrupting one infostealer after another
ESET Research • 05 Aug 2025
Is your phone spying on you? | Unlocked 403 cybersecurity podcast (S2E5)
Here's what you need to know about the inner workings of modern spyware and how to stay away from apps that know too much
Editor • 01 Aug 2025
Privacy
Why the tech industry needs to stand firm on preserving end-to-end encryption
Restricting end-to-end encryption on a single-country basis would not only be absurdly difficult to enforce, but it would also fail to deter criminal activity
Tony Anscombe • 01 Aug 2025
This month in security with Tony Anscombe – July 2025 edition
Here's a look at cybersecurity stories that moved the needle, raised the alarm, or offered vital lessons in July 2025
Editor • 31 Jul 2025
Sign up for our newsletters
