WeLiveSecurity

Revisiting CVE-2025-50165: A critical flaw in Windows Imaging Component

ESET researchers provide a comprehensive analysis and assessment of a critical severity vulnerability with low likelihood of ...
WeLiveSecurity

A brush with online fraud: What are brushing scams and how do I stay safe?

Have you ever received a package you never ordered? It could be a warning sign that your data has been compromised, with more ...
WeLiveSecurity

This month in security with Tony Anscombe – December 2025 edition

As 2025 draws to a close, Tony looks back at the cybersecurity stories that stood out both in December and across the whole of this year.
WeLiveSecurity

ESET Research

ESET researchers have discovered campaigns distributing spyware disguised as Android Signal and ToTok apps, targeting users in the United Arab Emirates ...
WeLiveSecurity

Tips & advice

Have you ever received a package you never ordered? It could be a warning sign that your data has been compromised, with more fraud to follow. From LinkedIn to X, GitHub to Instagram, there are plenty ...
WeLiveSecurity

Roblox Executors : Tout est amusant jusqu’à ce que quelqu’un se fasse pirater

Cet article vous explique ce que sont ces outils, qu’on appelle aussi exécuteurs de scripts, triches ou hacks.
WeLiveSecurity

No “Game over” for the Winnti Group

In February 2020, we discovered a new, modular backdoor, which we named PipeMon. Persisting as a Print Processor, it was used by the Winnti Group against several video gaming companies that are based ...
WeLiveSecurity

Mind the (air) gap: GoldenJackal gooses government guardrails

ESET researchers discovered a series of attacks on a governmental organization in Europe using tools capable of targeting air-gapped systems. The campaign, which we attribute to GoldenJackal, a ...
WeLiveSecurity

Jumping the air gap: 15 years of nation-state effort

Air-gapping is used to protect the most sensitive of networks. In the first half of 2020 alone, four previously unknown malicious frameworks designed to breach air-gapped networks emerged, bringing ...
WeLiveSecurity

Fake or Fake: Keeping up with OceanLotus decoys

Following OceanLotus’ activities is taking a tour in the world of deception. This group is known to lure victims by forging appealing documents to entice potential victims into executing the group’s ...
WeLiveSecurity

Black Hat Europe 2025: Reputation matters – even in the ransomware economy

Black Hat Europe 2025 opened with a presentation by Max Smeets of Virtual Rotes titled ‘Inside the Ransomware Machine’. The talk focused on the LockBit ransomware-as-a-service (RaaS) gang and Max’s ...
WeLiveSecurity

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

ESET Research has discovered HybridPetya, on the VirusTotal sample sharing platform. It is a copycat of the infamous Petya/NotPetya malware, adding the capability of compromising UEFI-based systems ...