ESET researchers uncovered new activities attributed to FrostyNeighbor, updating its compromise chain to support the group’s continual cyberespionage operations

ESET researchers uncovered fraudulent apps on Google Play that claim to provide the call history “for any number” and had been downloaded more than seven million times before being taken down

ESET researchers have investigated an ongoing attack by the ScarCruft APT group that targets the Yanbian region via backdoor-laced Windows and Android games

ESET Research has discovered a new China-aligned APT group that we’ve named GopherWhisper, which targets Mongolian governmental institutions

ESET researchers discover another iteration of NGate malware, this time possibly developed with the assistance of AI

ESET researchers dive deeper into the EDR killer ecosystem, disclosing how attackers abuse vulnerable drivers

The resurgence of one of Russia’s most notorious APT groups

ESET researchers discover PromptSpy, the first known Android malware to abuse generative AI in its execution flow

ESET researchers present technical details on a recent data destruction incident affecting a company in Poland’s energy sector

ESET researchers discover an Android spyware campaign targeting users in Pakistan via romance scam tactics, revealing links to a broader spy operation

The attack involved data-wiping malware that ESET researchers have now analyzed and named DynoWiper

A comprehensive analysis and assessment of a critical severity vulnerability with low likelihood of mass exploitation

ESET researchers discovered a China-aligned APT group, LongNosedGoblin, which uses Group Policy to deploy cyberespionage tools across networks of governmental institutions

A view of the H2 2025 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts

MuddyWater targets critical infrastructure in Israel and Egypt, relying on custom malware, improved tactics, and a predictable playbook

ESET researchers have discovered a network implant used by the China-aligned PlushDaemon APT group to perform adversary-in-the-middle attacks

An overview of the activities of selected APT groups investigated and analyzed by ESET Research in Q2 2025 and Q3 2025

ESET research analyzes a recent instance of the Operation DreamJob cyberespionage campaign conducted by Lazarus, a North Korea-aligned APT group

ESET researchers have discovered campaigns distributing spyware disguised as Android Signal and ToTok apps, targeting users in the United Arab Emirates