Hello.

A company that's expecting a cyberattack but hasn’t actively prepared for it risks making the hardest decisions at the worst possible moment “Fix the roof while the sun is shining.” – proverb Cybersecurity has a familiar way of saying the storm will come: “a breach is a matter of when, not if.” While the industry’s sternest maxim has probably never been more true, it sometimes feels as though it’s also lost some of its edge over the years. While everyone agrees that there cou

Every organisation gets audited. The question is who does the auditing. There’s one cognitive bias that we humans are prone to, and it lies at the centre of some of the challenges that cybersecurity professionals face every day. It’s known as the normalcy bias – what Dr. Lauren Braithwaite defines as “our tendency to underestimate the possibility of disaster and believe that life will continue as normal, even in the face of significant threats or crises.” It's why people hesi

Your child’s first data breach may happen before they’ve even opened a bank account. Here’s how to keep their digital life safe. When we talk about cybersecurity and digital safety in the context of our children, it’s often framed in one of two ways. Either it’s about inappropriate or unsafe content – of the sort that COPPA is meant to regulate in the US. Or it’s about managing the psychological and social impacts of excessive screen time. But there’s an elephant in the room.

Using chatbots for medical advice could elicit hallucinations and even expose you to security and privacy risks. Here’s what’s at stake and how to stay safe. For better or worse, chatbots are changing the way we think, learn and perceive the world around us. This kind of disruption is manifest in many areas of life, but perhaps one of the most sensitive and often concerning is the growing use of generative AI (GenAI) tools for healthcare. Alongside a number of freely availabl

An overview of the activities of selected APT groups investigated and analyzed by ESET Research in Q4 2025 and Q1 2026 ESET APT Activity Report Q4 2025–Q1 2026 summarizes notable activities of selected advanced persistent threat (APT) groups documented by ESET researchers from October 2025 through March 2026. The operations highlighted here are representative of the broader threat landscape we investigated during this period, illustrating key trends and developments, and cont

The malware pairs remote access capabilities with ready-made campaign tools, lowering the barrier for full device compromise Our recent review of threat detections in Brazil surfaced BTMOB, an Android remote access trojan (RAT) that is less notable for detection volume than for the damage it can wreak. The combination of phishing-led delivery, ready-made app-building tooling and device takeover capabilities makes BTMOB a threat to watch well beyond Brazil or Latin America. BT

Watch out for bogus World Cup websites that mimic official ticket and merchandise flows to steal money and personal data As the FIFA World Cup 2026™ in the United States, Canada, and Mexico draws closer, anticipation is building toward fever pitch. Many soccer fans may still be hunting for tickets, merchandise, travel and hospitality packages – and scammers know exactly how to exploit this demand. In other words, many people are already in the state of mind that scammers coun

ESET researchers describe new tools and techniques that the Webworm APT group recently added to its arsenal. ESET researchers analyzed the 2025 activity of Webworm, a China-aligned APT group that started out targeting organizations in Asia, but has recently shifted its focus to Europe. Even though this is our first public blogpost on the group, we have been observing Webworm’s activities ever since Symantec first reported on this threat actor in 2022. Over the years, we have

A complete decoupling from US technology is neither realistic nor necessary, but the changing environment does require nations and companies to reassess their relationships and dependencies The Trump administration’s shift in tone and approach toward traditional allies has understandably unsettled many nations, raising doubts about U.S. reliability and concerns over dependence on American technology. Many had become used to China and Russia's often belligerent tone, flexing t

Conflict is a boon for opportunistic fraudsters. Look out for their ploys. It didn’t take long for tensions in the Middle East to spill over into the cyber domain. There’s been significant disruption of a major US medtech provider, the compromise of OT assets in US critical infrastructure, and ongoing ransomware attacks on businesses by Iran-nexus groups. But what about regular internet users? The truth is that geopolitical tension and conflict offers potentially rich picking