identified

TA584 threat actor leverages Tsundere Bot and XWorm for network access

AndyC 11 February 2026

A prolific initial access broker, identified as TA584, has been observed employing the Tsundere Bot in conjunction with the XWorm...

Mandiant Finds ShinyHunters-Style Vishing Attacks Stealing MFA to Breach SaaS Platforms

AndyC 1 February 2026

Ravie LakshmananJan 31, 2026Social Engineering / SaaS Security Google-owned Mandiant on Friday said it identified an "expansion in threat activity"...

OfferUp scammers are out in force: Here’s what you should know

AndyC 5 February 2026

The mobile marketplace app has a growing number of users, but not all of them are genuine. Watch out for these common scams. Phil Muncaster...

A slippery slope: Beware of Winter Olympics scams and other cyberthreats

AndyC 3 February 2026

Digital Security It’s snow joke – sporting events are a big draw for cybercriminals. Make sure you’re not on the losing side by following these...

A slippery slope: Beware of Winter Olympics scams and other cyberthreats

AndyC 3 February 2026

Digital Security It’s snow joke – sporting events are a big draw for cybercriminals. Make sure you’re not on the losing side by following these...

This month in security with Tony Anscombe – January 2026 edition

AndyC 31 January 2026

The year got off to a busy start, with January offering an early snapshot of the challenges that (not just) cybersecurity teams are likely to...

DynoWiper update: Technical analysis and attribution

AndyC 31 January 2026

In this blog post, we provide more technical details related to our previous DynoWiper publication. Key points of the report: ESET researchers identified new data-wiping...

Love? Actually: Fake dating app used as lure in targeted spyware campaign in Pakistan

AndyC 29 January 2026

ESET researchers have uncovered an Android spyware campaign leveraging romance scam tactics to target individuals in Pakistan. The campaign uses a malicious app posing as...