WeLiveSecurity WeLiveSecurity
- This month in security with Tony Anscombe – May 2026 edition
on May 29, 2026 at 7:30 amIn this roundup, Tony looks at attacks against Polish water treatment facilities, how AI-directed attacks failed in Mexico, and what Google believes is the first AI-generated zero-day exploit
- ESET APT Activity Report Q4 2025–Q1 2026on May 28, 2026 at 8:45 am
An overview of the activities of selected APT groups investigated and analyzed by ESET Research in Q4 2025 and Q1 2026
- What to consider before asking an AI chatbot for health adviceon May 27, 2026 at 8:50 am
Using chatbots for medical advice could elicit hallucinations and even expose you to security and privacy risks. Here’s what’s at stake and how to stay safe.
- BTMOB: A stealthy RAT burrowing deep into Android deviceson May 26, 2026 at 8:50 am
The malware pairs remote access capabilities with ready-made campaign tools, lowering the barrier for full device compromise
- Foul play: Fake FIFA websites target soccer fans looking for World Cup tickets, merchandiseon May 22, 2026 at 8:50 am
Watch out for bogus World Cup websites that mimic official ticket and merchandise flows to steal money and personal data
- Webworm: New burrowing techniqueson May 20, 2026 at 8:40 am
ESET researchers describe new tools and techniques that the Webworm APT group recently added to its arsenal
- The quest for greater tech independenceon May 19, 2026 at 8:50 am
A complete decoupling from US technology is neither realistic nor necessary, but the changing environment does require nations and companies to reassess their relationships and dependencies
- Why geopolitical turmoil is a gift for scammers, and how to stay safeon May 15, 2026 at 8:50 am
Conflict is a boon for opportunistic fraudsters. Look out for their ploys.
- FrostyNeighbor: Fresh mischief and digital shenaniganson May 14, 2026 at 8:50 am
ESET researchers uncovered new activities attributed to FrostyNeighbor, updating its compromise chain to support the group’s continual cyberespionage operations
- Eyes wide open: How to mitigate the security and privacy risks of smart glasseson May 11, 2026 at 8:55 am
Smart glasses allow anyone to track and record the world around them. That could put your data and the privacy of those nearby at risk.
- Fake call logs, real payments: How CallPhantom tricks Android userson May 7, 2026 at 8:51 am
ESET researchers uncovered fraudulent apps on Google Play that claim to provide the call history “for any number” and had been downloaded more than seven million times before being taken down
- Fixing the password problem is as easy as 123456on May 7, 2026 at 7:00 am
How come it’s still possible to ‘secure’ an online account with a six-digit string?
- A rigged game: ScarCruft compromises gaming platform in a supply-chain attackon May 5, 2026 at 8:55 am
ESET researchers have investigated an ongoing attack by the ScarCruft APT group that targets the Yanbian region via backdoor-laced Windows and Android games
- This month in security with Tony Anscombe – April 2026 editionon April 30, 2026 at 9:00 am
Warnings about helpdesk impersonation scams and Iran-linked hackers targeting critical sectors in the US, plus the most damaging scams of 2025 – here’s some of what made the headlines this month
- The calm before the ransom: What you see is not all there ison April 24, 2026 at 9:00 am
A breach claims the systems as well as the confidence that was, in retrospect, a major vulnerability
- GopherWhisper: A burrow full of malwareon April 23, 2026 at 8:59 am
ESET Research has discovered a new China-aligned APT group that we’ve named GopherWhisper, which targets Mongolian governmental institutions
- New NGate variant hides in a trojanized NFC payment appon April 21, 2026 at 8:55 am
ESET researchers discover another iteration of NGate malware, this time possibly developed with the assistance of AI
- What the ransom note won’t sayon April 20, 2026 at 9:00 am
An attack is what you see, but a business operation is what you’re up against
- That data breach alert might be a trapon April 17, 2026 at 9:00 am
Ignoring a real breach notification invites risk, but falling for a bogus one could be even worse. Stop reacting on autopilot.
- Supply chain dependencies: Have you checked your blind spot?on April 16, 2026 at 12:00 pm
Your biggest risk may be a vendor you trust. How can SMBs map their third-party blind spots and build operational resilience?
