A week in security (June 1 – June 7)
Last week on Malwarebytes Labs: Your phone called. It needs a cleanup. | Fake BlueWallet steals passwords, accounts, and crypto from Macs | Fake virus alerts are invading mobile games | 23andMe exposed genetic information of millions, lawsuit says | These convincing copyright notices are designed to stea...
CVE-2026-42547
IRIS is a web collaborative platform that helps incident responders share technical details during investigations. In versions prior to 2.4.28, users can create alerts for customers that are not assigned to them. This can be abused to falsely attribute fake alerts to customers. In combination wit...
UNC6692 Hackers Exploit Microsoft Teams to Deploy SNOW Malware
UNC6692 hackers exploit Microsoft Teams with fake IT alerts to deploy SNOW malware, steal credentials, and breach corporate networks in advanced attacks...
Matrix Push C2 Uses Browser Notifications for Fileless, Cross-Platform Phishing Attacks
Bad actors are leveraging browser notifications as a vector for phishing attacks to distribute malicious links by means of a new command-and-control (C2) platform called Matrix Push C2. "This browser-native, fileless framework leverages push notifications, fake alerts, and link redirects to target...
CVE-2025-64494
Soft Serve is a self-hostable Git server for the command line. In versions prior to 0.10.0, there are several places where the user can insert data (e.g. names), and ANSI escape sequences are not being removed, which can then be used, for example, to show fake alerts. In the same token, git messages...
CVE-2025-64494 Soft Serve does not sanitize ANSI escape sequences in user input
Soft Serve is a self-hostable Git server for the command line. In versions prior to 0.10.0, there are several places where the user can insert data (e.g. names), and ANSI escape sequences are not being removed, which can then be used, for example, to show fake alerts. In the same token, git messages...
CVE-2025-64494
Soft Serve (Charmbracelet/soft-serve) does not sanitize ANSI escape sequences in user input, and does not sanitize git messages in some UI paths. Affected versions are prior to 0.10.0. The issue can enable fake-alert-like output due to unsanitized input, with related cleanup needed in printed git...
New Tech Support Scam Uses Microsoft Logo to Fake Browser Lock, Steal Data
The Cofense Phishing Defense Centre warns of a new tech support scam using Microsoft’s brand to lock browsers and steal data. Learn how the attack uses fake 'payment lures' and urgent security alerts to trick victims into calling a fraudulent support number...
CTM360 Identifies Surge in Phishing Attacks Targeting Meta Business Users
A new global phishing threat called "Meta Mirage" has been uncovered, targeting businesses using Meta's Business Suite. This campaign specifically aims at hijacking high-value accounts, including those managing advertising and official brand pages. Cybersecurity researchers at CTM360 revealed tha...
Hackers Send Fake Rocket Alerts to Israelis via Hacked Red Alert App
By Waqas. The Red Alert App is available on iOS; however, its Android version has been removed for unknown reasons. This is a post from HackRead.com. Read the original post: Hackers Send Fake Rocket Alerts to Israelis via Hacked Red Alert App...
Researchers exploit LTE flaws to send 50,000 fake presidential alerts
By Waqas. Researchers managed to cover a 50,000-seat football stadium using only four malicious portable stations. A group of security researchers from the University of Colorado Boulder has published a paper detailing the findings of their latest research revealing that LTE vulnerabilities can he...
ToRPEDO Privacy Attack on 4G/5G Networks Affects All U.S. Carriers
Privacy-breaking flaws in the 4G and 5G mobile protocols could allow attackers to intercept calls, send fake amber alerts or other notifications, track location and more, according to a research team from Purdue University and the University of Iowa. In a paper presented at Mobile World Congress ...
Hackers can Send Fake Emergency Alerts by Exploiting 4G LTE Protocol Flaws
By Waqas. Researchers at the Purdue University and the University of Iowa, This is a post from HackRead.com. Read the original post: Hackers can Send Fake Emergency Alerts by Exploiting 4G LTE Protocol Flaws...
Flaws in Emergency Alert System Hardware Allow Remote Login, Zombie Alert Insertion
There is a set of easily exploited vulnerabilities in the appliances used in the emergency alert system (EAS) that could be used by attackers to log in to these boxes remotely and send fake emergency alerts like the one that interrupted a TV broadcast in Montana on Monday. The vulnerabilities...