ESET Chief Security Evangelist Tony Anscombe looks at cybersecurity stories that moved the needle, raised the alarms, or offered vital lessons in July 2025.

WeLiveSecurity

01.08.2025

The hidden risks of browser extensions – and how to avoid them

Not all browser extensions are handy helpers – some may contain far more than you have bargained for.

WeLiveSecurity

29.07.2025

ToolShell: An all-you-can-eat buffet for threat actors

ESET Research has been monitoring intense attacks involving the recently discovered ToolShell zero-day vulnerabilities.

WeLiveSecurity

29.07.2025

Rogue CAPTCHAs: Look out for phony verification pages spreading malware

Before rushing to prove that you're not a robot, watch out for deceptive human verification pages as an increasingly popular vector for delivering malware.

WeLiveSecurity

29.07.2025

Unmasking AsyncRAT: Navigating the labyrinth of forks

ESET researchers map out the labyrinthine relationships among the vast hierarchy of AsyncRAT variants.

WeLiveSecurity

29.07.2025

SharePoint under fire: ToolShell attacks hit organizations worldwide

The ToolShell bugs are being exploited by cybercriminals and APT groups alike, with the US on the receiving end of 13 percent of all attacks.

WeLiveSecurity

29.07.2025

Why is your data worth so much? | Cybersecurity podcast

Behind every free online service, there's a price being paid. Learn why your digital footprint is so valuable, and why you might be the product.

WeLiveSecurity

05.07.2025

Task scams: Why you should never pay to get paid

Some schemes might sound unbelievable, but they’re easier to fall for than you think. Here’s how to avoid getting played by gamified job scams.

WeLiveSecurity

05.07.2025

How to get into cybersecurity | Unlocked 403 cybersecurity podcast (S2E3)

Do you have what it takes to break into cybersecurity? Hear from ESET's Robert Lipovsky as he shares insights on how to thrive in this dynamic field.

WeLiveSecurity

04.07.2025

Gamaredon in 2024: Cranking out spearphishing campaigns against Ukraine with an evolved toolset

ESET Research analyzes Gamaredon’s updated cyberespionage toolset, new stealth-focused techniques, and aggressive spearphishing operations observed throughout 2024.

WeLiveSecurity

04.07.2025

How government cyber cuts will affect you and your business

Deep cuts in federal cybersecurity spending risk creating ripple effects that will put many organizations at a higher risk of falling victim to a cyberattack.

WeLiveSecurity

03.07.2025

ESET APT Activity Report Q4 2024-Q1 2025: Malware sharing, data wiping and exploits

ESET experts discuss Sandworm’s new data wiper, relentless campaigns by UnsolicitedBooker, the challenges of attribution amidst tool-sharing, and other key findings from the latest APT Activity Report.

WeLiveSecurity

03.07.2025

ESET Threat Report H1 2025: Key findings

ESET Chief Security Evangelist Tony Anscombe looks at some of the report's standout findings and their implications for organizations in 2025 and beyond.

WeLiveSecurity

30.06.2025

This month in security with Tony Anscombe – June 2025 edition

From Australia's new ransomware payment disclosure rules to another record-breaking DDoS attack, June 2025 saw no shortage of interesting cybersecurity news.

WeLiveSecurity

28.06.2025

ESET Threat Report H1 2025

The H1 2025 issue of the ESET Threat Report reviews the key trends and developments that shaped the threat landscape from November 2024 to May 2025

WeLiveSecurity

06.06.2025

BladedFeline: Whispering in the dark

ESET researchers analyzed a cyberespionage campaign conducted by BladedFeline, an Iran-aligned APT group with likely ties to OilRig.

WeLiveSecurity

04.06.2025

Don’t let dormant accounts become a doorway for cybercriminals

Do you have dozens of forgotten, inactive accounts you can’t even locate anymore? A bit of digital spring cleaning might be in order.

WeLiveSecurity

01.06.2025

This month in security with Tony Anscombe – May 2025 edition

From a flurry of attacks targeting UK retailers to campaigns corralling end-of-life routers into botnets, it's a wrap on another month filled with impactful cybersecurity news

WeLiveSecurity

29.05.2025

Don’t give your personal data to fraudsters: Dodging Docusign scam emails

Cybercriminals are using fake Docusign-themed documents and links to trick people into giving away their personal or corporate data.

WeLiveSecurity

25.05.2025

Danabot under the microscope

ESET Research has been tracking Danabot’s activity since 2018 as part of a global effort that resulted in a major disruption of the malware’s infrastructure.

WeLiveSecurity

24.05.2025

Lumma Stealer down for the count

The bustling enterprise, recently disrupted by a global effort including ESET, is notorious for going after all manner of sensitive data, including passwords, credit card numbers, and cryptowallet info.

WeLiveSecurity

24.05.2025

Danabot: Analyzing a fallen empire

ESET Research shares its findings on the workings of Danabot, an infostealer recently disrupted in a multinational law enforcement operation.

WeLiveSecurity

23.05.2025

ESET takes part in global operation to disrupt Lumma Stealer

Our intense monitoring of tens of thousands of malicious samples helped this global disruption operation

WeLiveSecurity

21.05.2025

ESET APT Activity Report Q4 2024–Q1 2025

This issue of the ESET APT Activity Report reviews notable activities of APT group that were documented by ESET researchers from October 2024 until March 2025.

WeLiveSecurity

21.05.2025

ESET APT Activity Report Q4 2024–Q1 2025: Key findings

ESET Chief Security Evangelist Tony Anscombe highlights key findings from the latest ESET APT Activity Report

WeLiveSecurity

17.05.2025

Sednit abuses XSS flaws to hit gov't entities, defense companies

Operation RoundPress exploits security holes in webmail software to target Ukrainian governmental entities and defense companies in Eastern Europe.

WeLiveSecurity

17.05.2025

Operation RoundPress targeting high-value webmail servers

ESET researchers uncover a Russia-aligned espionage operation that they named RoundPress and that targets webmail servers via XSS vulnerabilities.

WeLiveSecurity

14.05.2025

Can we counter online disinformation? | Unlocked 403 cybersecurity podcast (Season 2, Episode 2)

Ever wondered why a lie can spread faster than the truth? Tune in for an insightful look at disinformation, one of the most pressing challenges facing our digital world.

WeLiveSecurity

10.05.2025

Catching a phish with many faces

Here’s a brief dive into the murky waters of shape-shifting attacks that leverage dedicated phishing kits to auto-generate customized login pages on the fly.

WeLiveSecurity

09.05.2025

Beware of phone scams demanding money for ‘missed jury duty’

When we get the call, it’s our legal responsibility to attend jury service. But sometimes that call won’t come from the courts – it will be a scammer.

WeLiveSecurity

08.05.2025

Toll road text scams are in overdrive: Here’s what to look out for

Have you received a text message about an unpaid road toll? You’re not alone. Make sure you’re not the next victim of a smishing scam.

WeLiveSecurity

04.05.2025

It's a wrap! RSAC 2025 highlights – Week in security with Tony Anscombe

From the power of collaborative defense to identity security and AI, catch up on the event's key themes with ESET Chief Security Evangelist Tony Anscombe.

WeLiveSecurity

02.05.2025

TheWizards APT group uses SLAAC spoofing to perform adversary-in-the-middle attacks

ESET researchers publish an analysis of Spellbinder, a lateral movement tool used to perform adversary-in-the-middle attacks.

WeLiveSecurity

30.04.2025

This month in security with Tony Anscombe – April 2025 edition

From the near-demise of MITRE's CVE program to a report showing that AI outperforms elite red teamers in spearphishing, April 2025 was another whirlwind month in cybersecurity

WeLiveSecurity

30.04.2025

How safe and secure is your iPhone really?

Your iPhone isn’t necessarily as invulnerable to security threats as you may think. Here are the key dangers to watch out for and how to harden your device against bad actors.

WeLiveSecurity

27.04.2025

Ill intent: How deepfake “doctors” peddle bogus cures on TikTok

Look out for AI-generated 'TikDocs' who exploit the public's trust in the medical profession to drive sales of sketchy supplements

WeLiveSecurity

25.04.2025

How fraudsters abuse Google Forms to spread scams

Google Forms, the form and quiz-building tool, is a popular vector for social engineering and malware. Here’s how to stay safe.

WeLiveSecurity

23.04.2025

Will super-smart AI be attacking us anytime soon?

From the time a CVE is released that’s exploitable, or a new technique rolled out, you’ll have to think quick – I hope you’re ready.

WeLiveSecurity

19.04.2025

Look out! CapCut copycats are on the prowl

Cybercriminals lure content creators with promises of cutting-edge AI wizardry, only to steal their data or hijack their devices instead.

WeLiveSecurity

18.04.2025

They’re coming for your data: What are infostealers and how do I stay safe?

Here's what to know about malware that raids email accounts, web browsers, crypto wallets, and more – all in a quest for your sensitive data

home›WeLiveSecurity›Software

WeLiveSecurity - Software

This month in security with Tony Anscombe – July 2025 edition

The hidden risks of browser extensions – and how to avoid them

ToolShell: An all-you-can-eat buffet for threat actors

Rogue CAPTCHAs: Look out for phony verification pages spreading malware

Unmasking AsyncRAT: Navigating the labyrinth of forks

SharePoint under fire: ToolShell attacks hit organizations worldwide

Why is your data worth so much? | Cybersecurity podcast

Task scams: Why you should never pay to get paid

How to get into cybersecurity | Unlocked 403 cybersecurity podcast (S2E3)

Gamaredon in 2024: Cranking out spearphishing campaigns against Ukraine with an evolved toolset

How government cyber cuts will affect you and your business

ESET APT Activity Report Q4 2024-Q1 2025: Malware sharing, data wiping and exploits

ESET Threat Report H1 2025: Key findings

This month in security with Tony Anscombe – June 2025 edition

ESET Threat Report H1 2025

BladedFeline: Whispering in the dark

Don’t let dormant accounts become a doorway for cybercriminals

This month in security with Tony Anscombe – May 2025 edition

Don’t give your personal data to fraudsters: Dodging Docusign scam emails

Danabot under the microscope

Lumma Stealer down for the count

Danabot: Analyzing a fallen empire

ESET takes part in global operation to disrupt Lumma Stealer

ESET APT Activity Report Q4 2024–Q1 2025

ESET APT Activity Report Q4 2024–Q1 2025: Key findings

Sednit abuses XSS flaws to hit gov't entities, defense companies

Operation RoundPress targeting high-value webmail servers

Can we counter online disinformation? | Unlocked 403 cybersecurity podcast (Season 2, Episode 2)

Catching a phish with many faces

Beware of phone scams demanding money for ‘missed jury duty’

Toll road text scams are in overdrive: Here’s what to look out for

It's a wrap! RSAC 2025 highlights – Week in security with Tony Anscombe

TheWizards APT group uses SLAAC spoofing to perform adversary-in-the-middle attacks

This month in security with Tony Anscombe – April 2025 edition

How safe and secure is your iPhone really?

Ill intent: How deepfake “doctors” peddle bogus cures on TikTok

How fraudsters abuse Google Forms to spread scams

Will super-smart AI be attacking us anytime soon?

Look out! CapCut copycats are on the prowl

They’re coming for your data: What are infostealers and how do I stay safe?

home
›
WeLiveSecurity
›
Software