ESET researchers have uncovered a new type of ransomware that leverages generative artificial intelligence (GenAI) to execute attacks. Named PromptLock, the malware runs a locally accessible AI language model to generate malicious scripts in real time.Read More…
ESET researchers have discovered a previously unknown vulnerability in WinRAR, exploited in the wild by Russia-aligned group RomCom. According to ESET telemetry, malicious archives were used in spearphishing campaigns between July 18 to July 21, 2025, targeting financial, manufacturing, defense, and logistics companies in Europe and Canada. The aim of theRead More…
ESET researchers Robert Lipovský and Anton Cherepanov recently presented breakthrough research into Industroyer2 during a Black Hat conference in Las Vegas, along with Victor Zhora, the Deputy Director of Ukraine’s State Service of Special Communications and Information Protection (SSSCIP).Read More…
André Lameiras, security writer at ESET takes a walk into his memory lane and goes back five years ago, when ESET researchers released their analysis of the first ever malware that was designed specifically to attack power gridsRead More…
ESET researchers have discovered a previously undocumented real-world UEFI bootkit that persists on the EFI System Partition (ESP). The bootkit, which ESET has named ESPecter, can bypass Windows Driver Signature Enforcement to load its own unsigned driver, which facilitates its espionage activities. ESPecter is the second discovery of a UEFIRead More…
ESET researchers recently discovered attempts to deploy Lazarus malware via a supply-chain attack (on less secure parts of the supply network) in South Korea. In order to deliver its malware, the attackers used an unusual supply-chain mechanism, abusing legitimate South Korean security softwareRead More…
ESET researchers have discovered and analyzed malware that targets Voice over IP (VoIP) softswitches. This new malware, named CDRThief by ESET, is designed to target a very specific VoIP platform used by two China-made softswitches (software switches): Linknat VOS2009 and VOS3000.Read More…
ESET researchers have recently discovered and analyzed a 0-day exploit deployed in a highly targeted attack in Eastern Europe. The exploit used a local privilege escalation vulnerability in Microsoft Windows. ESET immediately reported the issue to the Microsoft Security Response Center,Read More…
