Award-winning news, views, and insight from the ESET security community
Romain Dumont • 22 Dec 2025 • 8 min. read
ESET Research
Revisiting CVE-2025-50165: A critical flaw in Windows Imaging Component
Anton Cherepanov and Peter Strýček • 18 Dec 2025 • 18 min. read
LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan
Jiří Kropáč • 16 Dec 2025 • 2 min. read
ESET Threat Report H2 2025
Business Security
Ransomware
Resilience in the face of ransomware: A key to business survival
Making it stick: How to get the most out of cybersecurity training
A comprehensive analysis and assessment of a critical severity vulnerability with low likelihood of mass exploitation
Romain Dumont • 22 Dec 2025
ESET researchers discovered a China-aligned APT group, LongNosedGoblin, which uses Group Policy to deploy cyberespionage tools across networks of governmental institutions
Anton Cherepanov and Peter Strýček • 18 Dec 2025
A view of the H2 2025 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts
Jiří Kropáč • 16 Dec 2025
Black Hat Europe 2025: Was that device designed to be on the internet at all?
Behind the polished exterior of many modern buildings sit outdated systems with vulnerabilities waiting to be found
Tony Anscombe • 12 Dec 2025
Black Hat Europe 2025: Reputation matters – even in the ransomware economy
Being seen as reliable is good for ‘business’ and ransomware groups care about 'brand reputation' just as much as their victims
Tony Anscombe • 11 Dec 2025
Locks, SOCs and a cat in a box: What Schrödinger can teach us about cybersecurity
If you don’t look inside your environment, you can’t know its true state – and attackers count on that
Steven Connolly • 11 Dec 2025
Seeking symmetry during ATT&CK® season: How to harness today’s diverse analyst and tester landscape to paint a security masterpiece
Interpreting the vast cybersecurity vendor landscape through the lens of industry analysts and testing authorities can immensely enhance your cyber-resilience.
Márk Szabó, James Shepperd, Ben Tudor • 10 Dec 2025
The big catch: How whaling attacks target top executives
Is your organization’s senior leadership vulnerable to a cyber-harpooning? Learn how to keep them safe.
Phil Muncaster • 09 Dec 2025
Phishing, privileges and passwords: Why identity is critical to improving cybersecurity posture
Identity is effectively the new network boundary. It must be protected at all costs.
Phil Muncaster • 04 Dec 2025
MuddyWater: Snakes by the riverbank
MuddyWater targets critical infrastructure in Israel and Egypt, relying on custom malware, improved tactics, and a predictable playbook
ESET Research • 02 Dec 2025
Social Media
Oversharing is not caring: What’s at stake if your employees post too much online
From LinkedIn to X, GitHub to Instagram, there are plenty of opportunities to share work-related information. But posting could also get your company into trouble.
Phil Muncaster • 01 Dec 2025
Video
This month in security with Tony Anscombe – November 2025 edition
Data exposure by top AI companies, the Akira ransomware haul, Operation Endgame against major malware families, and more of this month's cybersecurity news
Editor • 28 Nov 2025
Sign up for our newsletters
