Increase in Malware Enabled ATM Jackpotting Incidents across United States

The Federal Bureau of Investigation FBI is releasing this FLASH to disseminate indicators of compromise IOCs and technical details associated with malware enabled ATM jackpotting. Threat actors exploit physical and software vulnerabilities in ATMs and deploy malware to dispense cash without a...

An In-Depth Analysis of Cyber Attacks in Secured Platforms

There is an increase in global malware threats. To address this, an encryption-type ransomware has been introduced on the Android operating system. The challenges associated with malicious threats in phone use have become a pressing issue in mobile communication, disrupting user experiences and...

A week in security (July 7 – July 13)

Last week on Malwarebytes Labs: Deepfake criminals impersonate Marco Rubio to uncover government secrets McDonald’s AI bot spills data on job applicants Millions of people spied on by malicious browser extensions in Chrome and Edge No thanks: Google lets its Gemini AI access your apps, including...

CVE-2025-3777

CVE-2025-3777 : In Hugging Face Transformers, versions up to 4.49.0 are affected by improper input validation in image_utils.py due to insecure URL validation with startswith(), bypassable via URL username injection. Attackers could craft URLs that appear to be from YouTube but resolve to malicio...

A week in security (June 30 – July 6)

Last week on Malwarebytes Labs: Drug cartel hacked cameras and phones to spy on FBI and identify witnesses Catwatchful "child monitoring" app exposes victims’ data Microsoft, PayPal, DocuSign, and Geek Squad faked in callback phishing scams Qantas: Breach affects 6 million people, "significant"...

A week in security (June 15 – June 21)

Last week on Malwarebytes Labs: The data on denying social media for kids re-air Lock and Code S06E12 Reddit’s new AI-powered tools scan your posts to serve you better ads Smart air fryers ordered to stop invading our digital privacy WhatsApp to start targeting you with ads Scammers hijack websit...

Cybercriminals Target AI Users with Malware-Loaded Installers Posing as Popular Tools

Fake installers for popular artificial intelligence AI tools like OpenAI ChatGPT and InVideo AI are being used as lures to propagate various threats, such as the CyberLock and LuckyGh0$t ransomware families, and a new malware dubbed Numero. "CyberLock ransomware, developed using PowerShell,...

Avoid Using USB Storage

USB storage devices are usually used to transfer data between servers. However, in most cases, data on USB storage devices cannot be protected by technical methods, thereby increasing the risk of attacks. Viruses and Trojan horses on USB devices may infect and damage the server. If the USB storag...

2024 Annual WordPress Security Report by Wordfence

The 2024 WordPress security landscape saw significant changes, with new Bug Bounty Programs such as Wordfence’s creating opportunities for numerous researchers to earn a sustainable income by examining WordPress software. Despite another record year for disclosed vulnerabilities in 2025, the risi...

⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More

From sophisticated nation-state campaigns to stealthy malware lurking in unexpected places, this week's cybersecurity landscape is a reminder that attackers are always evolving. Advanced threat groups are exploiting outdated hardware, abusing legitimate tools for financial fraud, and finding new...

Biggest Crypto Scam Tactics in 2024 and How to Avoid Them

Stay alert to crypto scams with our guide to 2024's top threats, including phishing, malware, Ponzi schemes, and…...

Ryan Pentney reflects on 10 years of Talos and his many roles from the Sourcefire days

As the adage goes: "You dont know what you dont know." For Ryan Pentney and his team, they know what they dont know. And they wake up every morning trying to figure out how they can answer those questions about emerging threats and some of the largest state-sponsored actors in the world. Pentney ...

Stealers, stealers and more stealers

Introduction Stealers are a prominent threat in the malware landscape. Over the past year we published our research into several stealers see here, here and here, and for now, the trend seems to persist. In the past months, we wrote several private reports on stealers as we discovered Acrid a new...

Kaspersky’s iShutdown Tool Detects Pegasus Spyware on iOS Devices

By Waqas Kaspersky has recently launched a tool called iShutdown, designed not only to detect the notorious Pegasus spyware but also to identify other malware threats on iOS devices. This is a post from HackRead.com Read the original post: Kasperskys iShutdown Tool Detects Pegasus Spyware on iOS...

The 5 most dangerous cyberthreats facing businesses this year

Which of the myriad, extant cyberthreats should your business be paying the most attention to in 2023? Thats the question we set out to answer in this years annual State of Malware report, and the answers might surprise you. To understand why, you need to know what makes this years report so...

How to Detect New Threats via Suspicious Activities

Unknown malware presents a significant cybersecurity threat and can cause serious damage to organizations and individuals alike. When left undetected, malicious code can gain access to confidential information, corrupt data, and allow attackers to gain control of systems. Find out how to avoid...

Microsoft Defender Experts for Hunting proactively hunts threats

Today, we announced the general availability of Microsoft Defender Experts for Hunting to support organizations and their cybersecurity employees with proactive threat hunting. Defender Experts for Hunting was created for customers who have a robust security operations center but want Microsoft t...

Microsoft Defender Experts for Hunting proactively hunts threats

Today, we announced the general availability of Microsoft Defender Experts for Hunting to support organizations and their cybersecurity employees with proactive threat hunting. Defender Experts for Hunting was created for customers who have a robust security operations center but want Microsoft t...

New security features for Windows 11 will help protect hybrid work

Attackers haven’t wasted any time capitalizing on the rapid move to hybrid work. Every day cybercriminals and nation-states alike have improved their targeting, speed, and accuracy as the world adapted to working outside the office. These changes have put "cybersecurity issues and risks” at the t...

FBI: Use a Burner Phone at the Olympics

Use a burner phone if you’re traveling to the Olympics, the FBI warned on Tuesday, lest you come home with a nasty case of malware and/or snatched personal data. The FBI didn’t mention specific threats, per se, but its alert warned those traveling to the February 2022 Beijing Winter Olympics and...