Insights
Randall Munroe’s XKCD ‘Fishing’
via the comic artistry and dry wit of Randall Munroe, creator of XKCD Permalink *** This is a Security Bloggers Network syndicated blog from...
Why AI Changes the Risk Model for Application Security
As AI becomes embedded in everyday development workflows, the security model for applications is shifting fast — and not always in ways teams are...
Malicious NPM Packages Deliver NodeCordRAT
IntroductionZscaler ThreatLabz regularly monitors the npm database for suspicious packages. In November 2025, ThreatLabz identified three malicious packages: bitcoin-main-lib, bitcoin-lib-js, and bip40. The bitcoin-main-lib and bitcoin-lib-js packages execute a postinstall.cjs script...
Fingerprints beyond device IDs: engineered representations for fraud detection
In fraud and bot detection, people usually think of fingerprinting as the classic browser or device fingerprint. This comes from techniques that use JavaScript...
HP’s new computer is built into the keyboard
In conjunction with the CES show in Las Vegas, HP has shown off the Eliteboard G1a, a keyboard computer aimed primarily at business users. Despite...
Android source code will now only be released twice a year
Ever since the first version of Android was released in 2008, anyone who wanted to could access the source code of the operating system. However,...
Trending News
This month in security with Tony Anscombe – December 2025 edition
As 2025 draws to a close, Tony looks back at the cybersecurity stories that stood out both in December and across the whole of this...
A brush with online fraud: What are brushing scams and how do I stay safe?
Have you ever received a package you never ordered? It could be a warning sign that your data has been compromised, with more fraud to...
Revisiting CVE-2025-50165: A critical flaw in Windows Imaging Component
ESET researchers examined CVE‑2025‑50165, a serious Windows vulnerability described to grant remote code execution by merely opening a specially crafted JPG file – one of...
LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan
In 2024, ESET researchers noticed previously undocumented malware in the network of a Southeast Asian governmental entity. This led us to uncover even more new...
ESET Threat Report H2 2025
ESET Research A view of the H2 2025 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research...
Black Hat Europe 2025: Was that device designed to be on the internet at all?
Business Security Behind the polished exterior of many modern buildings sit outdated systems with vulnerabilities waiting to be found Tony Anscombe 12 Dec 2025 • ...