WeLiveSecurity WeLiveSecurity
- Fake call logs, real payments: How CallPhantom tricks Android users
on May 7, 2026 at 8:51 amESET researchers uncovered fraudulent apps on Google Play that claim to provide the call history “for any number” and had been downloaded more than seven million times before being taken down
- Fixing the password problem is as easy as 123456on May 7, 2026 at 7:00 am
How come it’s still possible to ‘secure’ an online account with a six-digit string?
- A rigged game: ScarCruft compromises gaming platform in a supply-chain attackon May 5, 2026 at 8:55 am
ESET researchers have investigated an ongoing attack by the ScarCruft APT group that targets the Yanbian region via backdoor-laced Windows and Android games
- This month in security with Tony Anscombe – April 2026 editionon April 30, 2026 at 9:00 am
Warnings about helpdesk impersonation scams and Iran-linked hackers targeting critical sectors in the US, plus the most damaging scams of 2025 – here’s some of what made the headlines this month
- The calm before the ransom: What you see is not all there ison April 24, 2026 at 9:00 am
A breach claims the systems as well as the confidence that was, in retrospect, a major vulnerability
- GopherWhisper: A burrow full of malwareon April 23, 2026 at 8:59 am
ESET Research has discovered a new China-aligned APT group that we’ve named GopherWhisper, which targets Mongolian governmental institutions
- New NGate variant hides in a trojanized NFC payment appon April 21, 2026 at 8:55 am
ESET researchers discover another iteration of NGate malware, this time possibly developed with the assistance of AI
- What the ransom note won’t sayon April 20, 2026 at 9:00 am
An attack is what you see, but a business operation is what you’re up against
- That data breach alert might be a trapon April 17, 2026 at 9:00 am
Ignoring a real breach notification invites risk, but falling for a bogus one could be even worse. Stop reacting on autopilot.
- Supply chain dependencies: Have you checked your blind spot?on April 16, 2026 at 12:00 pm
Your biggest risk may be a vendor you trust. How can SMBs map their third-party blind spots and build operational resilience?
- Recovery scammers hit you when you’re down: Here’s how to avoid a second strikeon April 10, 2026 at 9:00 am
If you’ve been a victim of fraud, you’re likely already a lead on a ‘sucker list’ – and if you’re not careful, your ordeal may be about to get worse.
- As breakout time accelerates, prevention-first cybersecurity takes center stageon April 7, 2026 at 9:00 am
Threat actors are using AI to supercharge tried-and-tested TTPs. When attacks move this fast, cyber-defenders need to rethink their own strategy.
- Digital assets after death: Managing risks to your loved one’s digital estateon April 1, 2026 at 9:00 am
Fraudsters often target the accounts of the deceased or their grieving relatives. Here’s how to keep the scammers at bay.
- This month in security with Tony Anscombe – March 2026 editionon March 31, 2026 at 8:27 am
The past four weeks have seen a slew of new cybersecurity wake-up calls that showed why every organization needs a well-thought-out cyber-resilience plan
- RSAC 2026 wrap-up – Week in security with Tony Anscombeon March 27, 2026 at 10:38 am
This year, AI agents took the center stage – as a defensive capability, but more pressingly as a risk many organizations haven’t caught up with
- A cunning predator: How Silver Fox preys on Japanese firms this tax seasonon March 27, 2026 at 7:00 am
Silver Fox is back in Japan, spoofing tax and HR emails timed to the one season when no one thinks twice about opening them
- Virtual machines, virtually everywhere – and with real security gapson March 25, 2026 at 10:00 am
Cloud VMs offer unmatched speed, scale and flexibility – all of which could eventually count for little if they’re left to fend for themselves
- Cloud workload security: Mind the gapson March 24, 2026 at 10:00 am
As IT infrastructure expands, visibility and control often lag behind – until an incident forces a reckoning
- Move fast and save things: A quick guide to recovering a hacked accounton March 20, 2026 at 10:00 am
What you do – and how fast – after an account is compromised often matters more than it may seem
- EDR killers explained: Beyond the driverson March 19, 2026 at 9:55 am
ESET researchers dive deeper into the EDR killer ecosystem, disclosing how attackers abuse vulnerable drivers
