Research has been at the core of ESET and its technology since the company's inception. The journey began in 1987, when ESET co-founders Miroslav Trnka and Peter Paško uncovered one of the world's first computer viruses, which they named "Vienna" and wrote a program to detect it. Many other discoveries quickly followed.

More than 30 years later, ESET remains at the forefront of cybersecurity research, operating 11 R&D centers across the world that analyze, monitor and anticipate new threats. In recent years alone, ESET researchers have made a number of significant discoveries that shed light on various malicious campaigns orchestrated by the world’s most advanced threat actors. They have also identified multiple high-impact vulnerabilities in third-party products and services.

Over the years, ESET’s experts have assisted law enforcement with disruptions of several notorious cybercrime operations. They also frequently present at leading industry conferences and are among the most referenced contributors to the MITRE ATT&CK® knowledge base of adversary tactics and techniques.

ESET Coordinated Vulnerability Disclosure Policy


2298 articles

Gamaredon in 2025: Leveraging tunnels, workers, dead drops, and new alliances

Gamaredon in 2025: Leveraging tunnels, workers, dead drops, and new alliances

Gamaredon in 2025: Leveraging tunnels, workers, dead drops, and new alliances

ESET Research analyzes Gamaredon’s new toolset and the group’s growing reliance on legitimate online services to hide its C&C infrastructure and exfiltrate stolen data

Zoltán Rusnák25 Jun 2026


ESET takes part in Operation Endgame to disrupt Amadey and Stealc

ESET takes part in Operation Endgame to disrupt Amadey and Stealc

ESET takes part in Operation Endgame to disrupt Amadey and Stealc

ESET researchers assisted in the global disruption of the Amadey botnet and Stealc infostealer, providing technical analysis, infrastructure tracking, and affiliate-level insights

Jakub Tomanek and Tomáš Procházka24 Jun 2026


Killing me gently: Inside Gentlemen’s EDR killer framework

Killing me gently: Inside Gentlemen’s EDR killer framework

Killing me gently: Inside Gentlemen’s EDR killer framework

ESET Research shares the results of a months-long investigation into the suite of EDR killers maintained by the RaaS gang Gentlemen

Jakub Souček18 Jun 2026


FishMonger’s arsenal upgraded: SprySOCKS for Windows

FishMonger’s arsenal upgraded: SprySOCKS for Windows

FishMonger’s arsenal upgraded: SprySOCKS for Windows

ESET researchers have discovered SprySOCKS for Windows, FishMonger’s backdoor weaponizing a kernel driver for advanced stealthiness

ESET Research16 Jun 2026


OceanLotus: From external espionage to domestic targeting

OceanLotus: From external espionage to domestic targeting

OceanLotus: From external espionage to domestic targeting

A shift in operational pattern of the infamous Vietnam-aligned APT group

ESET Research11 Jun 2026


ESET APT Activity Report Q4 2025–Q1 2026

ESET APT Activity Report Q4 2025–Q1 2026

ESET APT Activity Report Q4 2025–Q1 2026

An overview of the activities of selected APT groups investigated and analyzed by ESET Research in Q4 2025 and Q1 2026

Jean-Ian Boutin28 May 2026


Webworm: New burrowing techniques

Webworm: New burrowing techniques

Webworm: New burrowing techniques

ESET researchers describe new tools and techniques that the Webworm APT group recently added to its arsenal

Eric Howard20 May 2026


FrostyNeighbor: Fresh mischief and digital shenanigans

FrostyNeighbor: Fresh mischief and digital shenanigans

FrostyNeighbor: Fresh mischief and digital shenanigans

ESET researchers uncovered new activities attributed to FrostyNeighbor, updating its compromise chain to support the group’s continual cyberespionage operations

Damien Schaeffer14 May 2026


Fake call logs, real payments: How CallPhantom tricks Android users

Fake call logs, real payments: How CallPhantom tricks Android users

Fake call logs, real payments: How CallPhantom tricks Android users

ESET researchers uncovered fraudulent apps on Google Play that claim to provide the call history “for any number” and had been downloaded more than seven million times before being taken down

Lukas Stefanko07 May 2026