Cybercriminals Plant Malicious AI Agents in Open Source Tool Repositories
Cybersecurity researchers at ESET identify big rise in suspicious and malicious toolsets which put users at risk from cyber-attacks
Antivirus software detects, blocks, and removes malicious code, helping reduce the risk of malware-driven data theft and system disruption.
Search across headline titles and summaries.
Background for this topic.
Antivirus software scans files and running processes to detect and remove malicious code such as viruses, worms, trojans, ransomware, and spyware. It uses signature databases, heuristic rules, and behavioral analysis to identify threats during real-time monitoring or scheduled scans. Regular updates to detection rules are necessary to recognize new malware variants and reduce false negatives.
While antivirus helps block many common malware infections on endpoints, it has limited effectiveness against advanced threats like fileless malware or attacks that evade signature detection. Security teams should combine antivirus with complementary tools such as endpoint detection and response (EDR) to improve visibility and threat hunting. Proper tuning is important to minimize false positives and performance impacts that can disrupt operations or obscure genuine alerts.
Weekly headline count for the current query.
Cybersecurity researchers at ESET identify big rise in suspicious and malicious toolsets which put users at risk from cyber-attacks
ESET details GentleKiller, the EDR-killer framework the Gentlemen ransomware gang gives affiliates
ESET’s 2026 APT Activity Report suggests China-backed APTs are using instability in the region to target victims, as well as continuing activity against organizations around the globe
China-linked Webworm APT expands beyond Asia, targeting European government organizations and refining its cyber espionage tactics, according to ESET research
ESET warns that North Korean hackers compromised a Yanbian gaming site in a supply‑chain attack, trojanizing Windows and Android software to spy on users
Huntress uncovers adware deploying AV-killing payloads via signed updates across 23,000 endpoints
Most UK manufacturers compromised last year suffered financial loss, says ESET
A new Android malware implant using Google Gemini to perform persistence tasks was discovered on VirusTotal and analyzed by ESET
Supply chain breach in eScan antivirus distributes multi-stage malware via legitimate updates
Trend Micro believe security teams should anticipate increased Vidar 2.0 prevalence in campaigns through Q4 2025
Lumma Stealer operators allegedly exposed in underground doxxing campaign, with sensitive details leaked by rival cybercriminals, according to Trend Micro
Trend Micro have reported a campaign exploiting a flaw in Cisco SNMP to install Linux rootkits on devices
Trend Micro highlighted the new LockBit version’s improved technical improvements and cross-platform functionality compared to previous iterations
ESET found that the FSB-affiliated groups, Gamaredon and Turla, are sharing tools to help conduct espionage attacks against Ukrainian organizations
Trend Micro said the use of AI platforms to create and host fake CAPTCHA pages helps attackers develop more sophisticated phishing campaigns at scale and speed
Trend Micro observed the attackers using terminal-based installation methods for the AMOS malware, luring macOS users into installing cracked versions of apps
Silver Fox APT abuses Microsoft-signed drivers to kill antivirus and deploy ValleyRAT remote-access backdoor
While still in development, PromptLock is described as the “first known AI-powered ransomware” by ESET researchers
Trend Micro highlighted a sophisticated post-compromise attack chain to deploy the Warlock ransomware in unpatched SharePoint on-prem environments
Trend Micro has released a temporary fix for the flaws, which enable remote code execution on on-prem Apex One machines