ESET Research


2267 articles

Update WinRAR tools now: RomCom and others exploiting zero-day vulnerability

ESET Research discovered a zero-day vulnerability in WinRAR being exploited in the wild in the guise of job application documents; the weaponized archives exploited a path traversal flaw to compromise their targets

Anton Cherepanov, Peter Strýček, Damien Schaeffer | 11 Aug 2025


ToolShell: An all-you-can-eat buffet for threat actors

ESET Research has been monitoring attacks involving the recently discovered ToolShell zero-day vulnerabilities

ESET Research | 24 Jul 2025


Unmasking AsyncRAT: Navigating the labyrinth of forks

ESET researchers map out the labyrinthine relationships among the vast hierarchy of AsyncRAT variants

Nikola Knežević | 15 Jul 2025


Gamaredon in 2024: Cranking out spearphishing campaigns against Ukraine with an evolved toolset

ESET Research analyzes Gamaredon’s updated cyberespionage toolset, new stealth-focused techniques, and aggressive spearphishing operations observed throughout 2024

Zoltán Rusnák | 02 Jul 2025


ESET Threat Report H1 2025

A view of the H1 2025 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts

Jiří Kropáč | 26 Jun 2025


BladedFeline: Whispering in the dark

ESET researchers analyzed a cyberespionage campaign conducted by BladedFeline, an Iran-aligned APT group with likely ties to OilRig

ESET Research | 05 Jun 2025


Danabot: Analyzing a fallen empire

ESET Research shares its findings on the workings of Danabot, an infostealer recently disrupted in a multinational law enforcement operation

Tomáš Procházka | 22 May 2025


ESET takes part in global operation to disrupt Lumma Stealer

Our intense monitoring of tens of thousands of malicious samples helped this global disruption operation

Jakub Tomanek | 21 May 2025


ESET APT Activity Report Q4 2024–Q1 2025

An overview of the activities of selected APT groups investigated and analyzed by ESET Research in Q4 2024 and Q1 2025

Jean-Ian Boutin | 19 May 2025