Inside a purchase order PDF phishing campaign

A PDF named "NEW Purchase Order 52177236.pdf" turned out to be a phishing lure. So we analyzed the phishing script behind it. A customer contacted me when Malwarebytes blocked the link inside a “purchase order” email they had received. Malwarebytes blocked this ionoscloud.com subdomain When I...

编号撤回

WatchGuard Firebox is a WatchGuard company that provides comprehensive network security services, from traditional IPS and GAV to web site/application control and malicious software prevention. This CVE number has been withdrawn...

Malwarebytes aces PCMag Readers’ Choice Awards and AVLab Cybersecurity Foundation tests

Malwarebytes proudly topped three categories in PCMag’s 2025 Readers’ Choice Awards, recognized for exceptional protection and user satisfaction. We also earned the latest badge from AVLab Cybersecurity Foundation’s September “Advanced In-The-Wild Malware Test” by blocking 100% of malware samples...

EUVD-2015-8474

Malware in sbrugna...

EUVD-2016-2444

Malware in sbrugna...

EUVD-2019-9303

Malware in sbrugna...

EUVD-2014-2806

Malware in sbrugna...

EUVD-2024-50733

Malicious code in bioql PyPI...

CVE-2019-19694

The Trend Micro Security 2019 15.0.0.1163 and below consumer family of products is vulnerable to a denial of service DoS attack in which a malicious actor could manipulate a key file at a certain time during the system startup process to disable the product's malware protection functions or the...

Tired of Google sponsored ads? So are we! That’s why we’re introducing the option to block them on iOS

Sponsored ads on Google search don’t just irritate users—they also provide a dangerous opportunity for cybercriminals to spread malware and scams to their unsuspecting victims. What looks like a harmless search result can be a carefully disguised trap. At Malwarebytes, our researchers have...

Malwarebytes named “Best Antivirus Software” and “Best Malware Removal Service”

Horn tooting time: We're excited to say we've earned a coveted spot in PCMag’s “Best Antivirus Software for 2025” list, and been recognized as the “Best Malware Removal Service 2025” by CNET. PCMag’s rigorous evaluation process takes into account a range of factors, including real-world, hands-on...

CVE-2025-31545

Technical details about CVE-2025-31545 are not publicly provided in the supplied documents. The affected plugin is Safe Ai Malware Protection for WP with version up to 1.0.20, but no specifics on root cause, impact, remediation, or exploitation are included.

Google Confirms Android SafetyCore Enables AI-Powered On-Device Content Classification

Google has stepped in to clarify that a newly introduced Android System SafetyCore app does not perform any client-side scanning of content. "Android provides many on-device protections that safeguard users against threats like malware, messaging spam and abuse protections, and phone scam...

How To Protect Your Organization's Bluesky Account From Security Threats

When a new platform suddenly becomes popular, it’s not uncommon to see it stress tested by malware authors and fraudsters. Many organizations are making the leap to Bluesky without necessarily understanding the potential threats to an account and the business should a compromise take place. This...

CVE-2024-12269

The Safe Ai Malware Protection for WP plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the exportdb function in all versions up to, and including, 1.0.17. This makes it possible for unauthenticated attackers to retrieve a complete dump of the...

A week in security (April 8 – April 14)

Last week on Malwarebytes Labs: How to change your Social Security Number Apple warns people of mercenary attacks via threat notification system How to check if your data was exposed in the AT&T breach Microsoft’s April 2024 Patch Tuesday includes two actively exploited zero-day vulnerabilities H...

Qualys Endpoint Detection & Response Validated by Top Independent Testing Labs

Qualys is proud to announce that our Endpoint Detection & Response solution has earned top certifications from two of the most respected independent anti-virus testing organizations - SE Labs and AV-Test. These prestigious validations underscore Qualys mission to deliver best-in-class malware...

Malwarebytes consumer product roundup: The latest

At Malwarebytes, we’re constantly evolving to protect our customers. These days, our products don’t just protect you from malware, we protect your identity, defend you from ads, safeguard your social media, and keep your mobile safe too. Here are the innovations we’ve made in our products recentl...

11 best practices for securing data in cloud services

In todays digital age, cloud computing has become an essential part of businesses, enabling them to store and access their data from anywhere. However, with convenience comes the risk of data breaches and cyberattacks. Therefore, it is crucial to implement best practices to secure data in cloud...

WhatsApp introduces new security features

WhatsApp has announced several new security features which include an extra check when an account is transferred to a new device. This check asks that users confirm the transfer on their old device. This should warn users in case there is a transfer in progress started by somebody trying to hijac...