Notorious APT group Turla collaborates with Gamaredon, both FSB-associated groups, to compromise high‑profile targets in Ukraine

UEFI copycat of Petya/NotPetya exploiting CVE-2024-7344 discovered on VirusTotal

ESET researchers have identified a new threat actor targeting Windows servers with a passive C++ backdoor and a malicious IIS module that manipulates Google search results

The discovery of PromptLock shows how malicious use of AI models could supercharge ransomware and other threats

ESET Research discovered a zero-day vulnerability in WinRAR being exploited in the wild in the guise of job application documents; the weaponized archives exploited a path traversal flaw to compromise their targets

ESET Research has been monitoring attacks involving the recently discovered ToolShell zero-day vulnerabilities

ESET researchers map out the labyrinthine relationships among the vast hierarchy of AsyncRAT variants

ESET Research analyzes Gamaredon’s updated cyberespionage toolset, new stealth-focused techniques, and aggressive spearphishing operations observed throughout 2024

A view of the H1 2025 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts

ESET researchers analyzed a cyberespionage campaign conducted by BladedFeline, an Iran-aligned APT group with likely ties to OilRig

ESET Research shares its findings on the workings of Danabot, an infostealer recently disrupted in a multinational law enforcement operation

Our intense monitoring of tens of thousands of malicious samples helped this global disruption operation

An overview of the activities of selected APT groups investigated and analyzed by ESET Research in Q4 2024 and Q1 2025

ESET researchers uncover a Russia-aligned espionage operation targeting webmail servers via XSS vulnerabilities

ESET researchers analyzed Spellbinder, a lateral movement tool used to perform adversary-in-the-middle attacks

ESET researchers uncover the toolset used by the FamousSparrow APT group, including two undocumented versions of the group’s signature backdoor, SparrowDoor

ESET researchers detail a global espionage operation by FishMonger, the APT group run by I‑SOON

ESET researchers discover new ties between affiliates of RansomHub and of rival gangs Medusa, BianLian, and Play

ESET researchers uncovered MirrorFace activity that expanded beyond its usual focus on Japan and targeted a Central European diplomatic institute with the ANEL backdoor