Microsoft is delivering tools to quickly configure Windows PCs as workstations for Windows and Linux development.
A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
Attackers are abusing a Microsoft Windows tool with an intent to spy on and steal SMS messages and one-time-passwords (OTPs) from mobile devices. In an ongoing threat campaign that started in January, ...
Cybersecurity researchers have disclosed details of an intrusion that involved the use of a CloudZ remote access tool (RAT) and a previous undocumented plugin dubbed Pheno with the aim of facilitating ...
A new version of the CloudZ remote access tool (RAT) is deploying a previously unseen malicious plugin called Pheno that hijacks the Microsoft Phone Link connection to steal sensitive codes from ...
A background Windows service handles the actual scanning and caches results in a local SQLite database. An optional system tray app provides a settings GUI.
I'd like to thank my coauthors Adrian Schipor, Victor Vrabie, Marius Baciu, and Martin Zugec for their invaluable contributions to this research. This research provides a direct look at the new ...
In 2024, ESET researchers noticed previously undocumented malware in the network of a Southeast Asian governmental entity. This led us to uncover even more new malware on the same system, none of ...
I'd like to thank my coauthors, Victor Vrabie, Adrian Schipor, and Martin Zugec, for their invaluable contributions to this research. TL;DR A Chinese APT group compromised a Philippine military ...
Even in well-secured environments, attackers are getting in—not with flashy exploits, but by quietly taking advantage of weak settings, outdated encryption, and trusted tools left unprotected. These ...