Start using a new app and you’ll often be asked to grant it permissions. But blindly accepting them could expose you to serious privacy and security risks. Let’s take a closer look.

ESET researchers discover PromptSpy, the first known Android malware to abuse generative AI in its execution flow.

Security experts have been predicting the death of the password for well over a decade. But it’s still the main way we log-in to our online accounts and mobile applications. Why? Because we all know ...

OfferUp has been in business for nearly 15 years. Although little known outside the US, the marketplace app competes for consumer hearts and minds with industry giants Craigslist, Facebook Marketplace ...

ESET researchers have discovered a network implant used by the China-aligned PlushDaemon APT group to perform adversary-in-the-middle attacks ...

Faking it on the phone: How to tell if a voice call is AI or not Can you believe your ears? Increasingly, the answer is no. Here’s what’s at stake for your business, and how to beat the deepfakers. Is ...

Like any other marketplace, the social commerce platform has its share of red flags. It pays to know what to look for so you can shop or sell without headaches.

Pour les entreprises, il n’est plus questions de savoir si une attaque va survenir, mais plutôt quand. Alors comment se ...

ESET researchers have uncovered two Android spyware campaigns targeting individuals interested in secure communication apps, namely Signal and ToTok. These campaigns distribute malware through ...

ESET researchers have analyzed a previously undocumented, real-world UEFI bootkit that persists on the EFI System Partition (ESP). The bootkit, which we’ve named ESPecter, can bypass Windows Driver ...

MoustachedBouncer is a cyberespionage group discovered by ESET Research and first publicly disclosed in this blogpost. The group has been active since at least 2014 and only targets foreign embassies ...

ESET researchers identified an active campaign that we have attributed to the StrongPity APT group. Active since November 2021, the campaign has distributed a malicious app through a website ...