NEWSROOM
News Highlights
Comprehensive collection of ESET News, including the highest performing press releases, research, and thought leadership content gathered on single page.
No, you’re not fired – but beware of job termination scams
Employment scams are evolving, with cybercriminals now using job termination threats to trick individuals into giving personal information. These phishing attacks often create urgency, making victims more likely to click malicious links. Awareness of typical signs, strong passwords, and verifying suspicious messages can help mitigate risks associated with these scams.
Untrustworthy AI: How to deal with data poisoning
Trusting AI assistants requires caution due to risks like database poisoning, which can distort outputs. Security in AI/ML systems often lags behind other priorities, exposing vulnerabilities. Various attack methods exist, such as data injection and supply-chain threats. To mitigate risks, developers must prioritize security and maintain vigilance against malicious data manipulation.
Going (for) broke: 6 common online betting scams and how to avoid them
As online gambling thrives, scammers increasingly target users through phishing, malicious casinos, and fraudulent apps. Common scams include fake job offers, scam tipsters, and fixed-match schemes. To ensure safety, users should only engage with licensed platforms, enable multi-factor authentication, and remain cautious of unsolicited offers or communications.
Lumma Stealer: A fast-growing infostealer threat
ESET’s biannual Threat Report highlights a 369% surge in Lumma Stealer detections in H2 2024, marking it as a significant threat to both consumers and businesses. This infostealer targets user credentials and cryptocurrency wallets, proliferating through various channels, including phishing and malware-as-a-service. Awareness and security measures are crucial for prevention.
PlushDaemon compromises supply chain of Korean VPN service
ESET researchers identified a supply-chain attack by the China-aligned APT group PlushDaemon targeting a South Korean VPN provider. The attackers replaced legitimate software with a backdoor called SlowStepper, featuring extensive espionage capabilities. This incident highlights PlushDaemon’s increasing threat level and sophisticated techniques in cyberespionage operations across East Asia.
Under lock and key: Protecting corporate data from cyberthreats in 2025
Data breaches in 2023 resulted in over 3,200 compromises in the US, affecting 353 million individuals. These breaches harm revenue and reputations, driven by human error and sophisticated cybercriminal tactics. Companies must strengthen security measures, including risk management, employee education, and incident response planning, to protect sensitive data and maintain customer trust.