IntroductionZscaler

CES 2026: Samsung previews the future of the iPhone?

Malicious NPM Packages Deliver NodeCordRAT

AndyC 8 January 2026

IntroductionZscaler ThreatLabz regularly monitors the npm database for suspicious packages. In November 2025, ThreatLabz identified three malicious packages: bitcoin-main-lib, bitcoin-lib-js, and bip40. The bitcoin-main-lib...

Credential stuffing: What it is and how to protect yourself

AndyC 9 January 2026

Digital Security Reusing passwords may feel like a harmless shortcut – until a single breach opens the door to multiple accounts Christian Ali Bravo 08...

This month in security with Tony Anscombe – December 2025 edition

AndyC 30 December 2025

As 2025 draws to a close, Tony looks back at the cybersecurity stories that stood out both in December and across the whole of this...

A brush with online fraud: What are brushing scams and how do I stay safe?

AndyC 24 December 2025

Have you ever received a package you never ordered? It could be a warning sign that your data has been compromised, with more fraud to...

Revisiting CVE-2025-50165: A critical flaw in Windows Imaging Component

AndyC 23 December 2025

ESET researchers examined CVE‑2025‑50165, a serious Windows vulnerability described to grant remote code execution by merely opening a specially crafted JPG file – one of...

LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan

AndyC 19 December 2025

In 2024, ESET researchers noticed previously undocumented malware in the network of a Southeast Asian governmental entity. This led us to uncover even more new...