Peruvian Loan Scam Harvests Cards and PINs via Fake Applications
Loan phishing operation in Peru is stealing card info by impersonating financial institutions
Campaigns
14 articles
LinkedIn Phishing Campaign Exploits Open-Source Pen Testing Tool to Compromise Business Execs
Cybersecurity Researchers at ReliaQuest warn of an ongoing campaign delivered to “high-value individuals” via LinkedIn messages
TamperedChef Malvertising Campaign Drops Malware via Fake PDF Manuals
TamperedChef creates backdoors and steals user credentials – particularly in organizations reliant on technical equipment
LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan
ESET researchers discovered a China-aligned APT group, LongNosedGoblin, which uses Group Policy to deploy cyberespionage tools across networks of governmenta...
The $0 Transaction That Signaled a Nation-State Cyberattack
A $0 card test signaled a Chinese state-linked cyberattack on Anthropic’s AI platform. Learn how card-testing fraud intelligence spots nation-state ops early.
Beyond the Watering Hole: APT24's Pivot to Multi-Vector Attacks
Written by: Harsh Parashar, Tierra Duncan, Dan Perez Google Threat Intelligence Group (GTIG) is tracking a long-running and adaptive cyber espionage campaign...
PlushDaemon compromises network devices for adversary-in-the-middle attacks
ESET researchers have discovered a network implant used by the China-aligned PlushDaemon APT group to perform adversary-in-the-middle attacks
The who, where, and how of APT attacks in Q2 2025–Q3 2025
ESET Chief Security Evangelist Tony Anscombe highlights some of the key findings from the latest issue of the ESET APT Activity Report
ESET APT Activity Report Q2 2025–Q3 2025
An overview of the activities of selected APT groups investigated and analyzed by ESET Research in Q2 2025 and Q3 2025
Gotta fly: Lazarus targets the UAV sector
ESET research analyzes a recent instance of the Operation DreamJob cyberespionage campaign conducted by Lazarus, a North Korea-aligned APT group
Gamaredon X Turla collab
Notorious APT group Turla collaborates with Gamaredon, both FSB-associated groups, to compromise high‑profile targets in Ukraine
GhostRedirector poisons Windows servers: Backdoors with a side of Potatoes
ESET researchers have identified a new threat actor targeting Windows servers with a passive C++ backdoor and a malicious IIS module that manipulates Google ...
Watering Hole Attacks Push ScanBox Keylogger
Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.