ESET in the Media
25 mentions across press, blogs, and newsletters
February 2026
NYPost
CAPTCHA test scam hijacks victim’s data in the most ‘diabolical’ way — here’s how to spot a ‘ClickFix’ attack
It's a digital wolf in sheep's clothing.
Feb 27, 2026
GBHackers
Hackers Use Steganographic Images to Bypass Anti-Malware and Deploy Malware
Hackers are abusing steganography in PNG images to smuggle a Pulsar Remote Access Trojan (RAT) into Windows systems through a malicious NPM package named buildrunner‑dev. The attack starts with a typosquatted NPM package, buildrunner‑dev, which impersonates the abandoned “buildrunner”/“build-runn
Feb 24, 2026
darkreading
Iran's MuddyWater Targets Orgs With Fresh Malware as Tensions Mount
The long-active Iranian threat group debuted various attack strains and payloads in attacks against organizations in the Middle East and Africa.
Feb 23, 2026
TechRadarTech Media
'The AI model and prompt are predefined in the code and cannot be changed': Experts say PromptSpy is the first known Android malware to use Gemini to ensure infection
PromptSpy Android malware uses Gemini AI and Accessibility Services to maintain persistence, record activity, and evade normal malware removal.
Feb 23, 2026
WebProNews
The Apps Already on Your Phone That Security Experts Say You Should Delete Immediately
Security researchers warn that many of the most popular Android apps — from free antivirus tools to weather and flashlight apps — engage in excessive data collection and pose real p
Feb 23, 2026
EconomicTimes - IndiaTimes
World looks more complex outside echo chambers of AI: ESET global CEO
Describing India as "probably the fastest major economy in the world," he pointed to its strong universities and steady pipeline of engineers as key strategic advantages. ESET is expanding its presence in the country and is considering the possibility of setting up a research and development centre
Feb 21, 2026
Android Authority
Android malware is now using Google’s own Gemini AI to adapt in real time
Android threats may have just entered a new AI phase.
Feb 20, 2026
How To Geek
New Android malware uses Gemini AI to learn how to run on specific devices
PromptSpy takes the guesswork out of Android device differences.
Feb 20, 2026
Infosecurity Magazine
Android Malware Hijacks Google Gemini to Stay Hidden
A new Android malware implant using Google Gemini to perform persistence tasks was discovered on VirusTotal and analyzed by ESET
Feb 20, 2026
Security Affairs
PromptSpy abuses Gemini AI to gain persistent access on Android
PromptSpy is the first Android malware to abuse Google’s Gemini AI, enabling persistence and advanced spying features. Security researchers at ESET have uncovered PromptSpy, the first known Android malware to exploit Google’s Gemini AI to maintain persistence. The malware can capture lockscreen data
Feb 20, 2026
SecurityWeek
PromptSpy Android Malware Abuses Gemini AI at Runtime for Persistence
The malware leverages Gemini to analyze on-screen elements and ensure that it remains on the device even after a reboot. The post PromptSpy Android Malware Abuses Gemini AI at Runt
Feb 20, 2026
GBHackers
PromptSpy: First Android AI Malware Leverages Google’s Gemini for Decision-Making
PromptSpy is a newly discovered Android malware family that abuses Google’s Gemini generative AI model to make real‑time decisions on how to manipulate the user interface and stay active on infected devices. PromptSpy’s AI‑assisted functionality is focused on persistence rather than initial infec
Feb 20, 2026
Nerds.xyz
Android’s AI nightmare begins as malware turns Gemini into a hacking tool
<img alt="Android AI malware" class="webfeedsFeaturedVisual wp-post-image" height="600" src="https://nerds.xyz/wp-content/uploads/
Feb 19, 2026
BleepingComputer
PromptSpy is the first known Android malware to use generative AI at runtime
Researchers have discovered the first known Android malware to use generative AI in its execution flow, using Google's Gemini model to adapt its persistence across different devices. [...]
Feb 19, 2026
BleepingComputer
PromptSpy is the first Android malware to use generative AI at runtime
Researchers have discovered the first known Android malware to use generative AI in its execution flow, using Google's Gemini model to adapt its persistence across different devices. [...]
Feb 19, 2026
CyberInsider
PromptSpy Android malware abuses Google Gemini AI for persistence
ESET researchers have uncovered the first known Android malware to incorporate generative AI directly into its execution flow. The malware, named PromptSpy, abuses Google’s Gemini model to dynamically manipulate the Android user interface and ensure its own persistence on infected devices. ESET r
Feb 19, 2026
PCMagTech Media
This Android Malware Connects to Google Gemini for Tips on Hacking Targets
'PromptSpy' appears to be the first Android malware that uses generative AI in its execution flow, according to antivirus provider ESET.
Feb 19, 2026
The Register AI-ML
Android malware taps Gemini to navigate infected devices
The real deal or another research project overblown? Cybersecurity researchers say they've spotted the first Android malware strain that uses generative AI to improve performance once installed. But it may be only a proof of concept.…
Feb 19, 2026
TechRadarTech Media
We all need digital protection and the ESET Home Security Plan is the bees knees
Save an unbelievable 50% on the ESET Home Security Ultimate plan.
Feb 19, 2026
ForbesMajor Publication
iOS 26.4—Apple Switches Key iPhone Feature On By Default
Apple's iOS 26.4 sees its Stolen Device Protection anti-theft feature turned on by default. Here's what you need to know.
Feb 17, 2026
darkreading
Microsoft Under Pressure to Bolster Defenses for BYOVD Attacks
Threat actors are exploiting security gaps to weaponize Windows drivers and terminate security processes in targeted networks, and there may be no easy fixes in sight.
Feb 13, 2026
darkreading
Nation-State Hackers Put Defense Industrial Base Under Siege
Espionage groups from China, Russia and other nations burned at least two dozen zero-days in edge devices in attempts to infiltrate defense contractors’ networks.
Feb 13, 2026
ForbesMajor Publication
iOS 26.3—Update Now Warning Issued To All iPhone Users
Apple has released iOS 26.3 fixing 39 security flaws — one of which is already being used in real-life attacks. Here's what you need to know.
Feb 13, 2026
ForbesMajor Publication
iOS 26.3—Update Now Warning Issued To All iPhone Users
Apple has released iOS 26.3 fixing 39 security flaws — one of which is already being used in real-life attacks. Here's what you need to know.
Feb 12, 2026
Security Affairs
Reynolds ransomware uses BYOVD to disable security before encryption
Researchers discovered Reynolds ransomware, which uses BYOVD technique to disable security tools and evade detection before encryption. Researchers found a new ransomware, named Reynolds, that implements the Bring Your Own Vulnerable Driver (BYOVD) technique to disable security tools and evade detec
Feb 11, 2026