Actively exploited Firefox zero-day fixed, update ASAP! (CVE-2024-9680)
Mozilla has pushed out an emergency update for its Firefox and Firefox ESR browsers to fix a vulnerability (CVE-2024-9680) that is being exploited in the wild. About …
GoldenJackal APT group breaches air-gapped systems in Europe
ESET researchers have discovered a series of attacks that took place in Europe from May 2022 to March 2024, where the attackers used a toolset capable of targeting air-gapped …
APT group exploits WPS Office for Windows RCE vulnerability (CVE-2024-7262)
ESET researchers discovered a remote code execution vulnerability in WPS Office for Windows (CVE-2024-7262). APT-C-60, a South Korea-aligned cyberespionage group, was …
New phishing method targets Android and iPhone users
ESET researchers discovered an uncommon type of phishing campaign targeting Android and iPhone users. They analyzed a case observed in the wild that targeted clients of a …
Chinese hackers compromised an ISP to deliver malicious software updates
APT StormBamboo compromised a undisclosed internet service provider (ISP) to poison DNS queries and thus deliver malware to target organizations, Volexity researchers have …
Vulnerability in Telegram app for Android allows sending malicious files disguised as videos
ESET researchers discovered a zero-day exploit, which targets the Telegram app for Android, that appeared for sale for an unspecified price in an underground forum post from …
Ad-injecting malware posing as DwAdsafe ad blocker uses Microsoft-signed driver
ESET Research has discovered a sophisticated Chinese browser injector: a signed, vulnerable, ad-injecting driver from a mysterious Chinese company. This threat, which ESET …
Update: Worldwide IT outage due to buggy Crowdstrike sensor configuration update
The world is 16+ hours into what looks like the biggest IT outage in history, triggered by a defective update for Crowdstrike endpoint security software for Windows machines. …
Infostealing malware masquerading as generative AI tools
Over the past six months, there has been a notable surge in Android financial threats – malware targeting victims’ mobile banking funds, whether in the form of …
Ebury botnet compromises 400,000+ Linux servers
ESET researchers released its deep-dive investigation into one of the most advanced server-side malware campaigns. It is still growing and has seen hundreds of thousands of …
ESET launches two MDR subscription tiers for SMBs and enterprises
ESET launched two new Managed Detection and Response (MDR) subscription tiers: ESET PROTECT MDR for small and medium businesses (SMBs) and ESET PROTECT MDR Ultimate for …
ESET integrates with Arctic Wolf to provide greater security visibility
ESET has unveiled a new integration with Arctic Wolf, to ensure increased visibility and protection against modern threats. By integrating ESET Inspect into Arctic …
Featured news
Resources
Don't miss
- What the Fortibleed campaign means for organizations running FortiGate firewalls
- A $1,400 experiment in AI security auditing outperformed OpenAI’s Codex Security
- Residential proxy SDKs are hiding in LG and Samsung smart TV apps
- 23 ClawHub plugins squatting official scopes expose AI registry security gaps
- Who pays when you gate cyber-capable AI models?