DoJ Disrupts Southeast Asia Crypto Fraud Networks, Freezes $3.8 Million in Assets

The U.S. Department of Justice DoJ on Wednesday announced the results of a sweeping action undertaken by government authorities and private sector companies to combat cyber-enabled and cryptocurrency fraud targeting Americans. The "Disruption Week" operation began May 18, 2026, leading to the...

WARD: Adversarially Robust Defense of Web Agents against Prompt Injections

Web agents can autonomously complete online tasks by interacting with websites, but their exposure to open web environments makes them vulnerable to prompt injection attacks embedded in HTML content or visual interfaces. Existing guard models still suffer from limited generalization to unseen...

DoJ Seizes $61 Million in Tether Linked to Pig Butchering Crypto Scams

The U.S. Department of Justice DoJ this week announced the seizure of $61 million worth of Tether that were allegedly associated with bogus cryptocurrency schemes known as pig butchering. The confiscated funds were traced to cryptocurrency addresses used for the laundering of criminally derived...

Common Crypto Scams and How to Protect Your Funds in 2026

Crypto scams are surging worldwide, from pig butchering to fake trading platforms and deepfakes, draining victims while fraud teams struggle to keep up...

Revealed: Leaked Chats Expose the Daily Life of a Scam Compound’s Enslaved Workforce

A whistleblower trapped inside a “pig butchering” scam compound gave WIRED a vast trove of its internal materials—including 4,200 pages of messages that lay out its operations in unprecedented detail...

Researchers Uncover Service Providers Fueling Industrial-Scale Pig Butchering Fraud

Cybersecurity researchers have shed light on two service providers that supply online criminal networks with the necessary tools and infrastructure to fuel the pig butchering-as-a-service PBaaS economy. At least since 2016, Chinese-speaking criminal groups have erected industrial-scale scam cente...

CVE-2023-25439

Stored Cross Site Scripting XSS vulnerability in Square Pig FusionInvoice 2023-1.0, allows attackers to execute arbitrary code via the description or content fields to the expenses, tasks, and customer details...

Telegram Hosting World’s Largest Darknet Market

Wired is reporting on Chinese darknet markets on Telegram. The ecosystem of marketplaces for Chinese-speaking crypto scammers hosted on the messaging service Telegram have now grown to be bigger than ever before, according to a new analysis from the crypto tracing firm Elliptic. Despite a brief...

A week in security (December 15 – December 21)

Last week on Malwarebytes Labs: CISA warns ASUS Live Update backdoor is still exploitable, seven years on The ghosts of WhatsApp: How GhostPairing hijacks accounts Chrome extension slurps up AI chats after users installed it for privacy Two Chrome flaws could be triggered by simply browsing the...

Pig butchering is the next “humanitarian global crisis” (Lock and Code S06E25)

This week on the Lock and Code podcast … This is the story of the world's worst scam and how it is being used to fuel entire underground economies that have the power to rival nation-states across the globe. This is the story of "pig butchering." "Pig butchering" is a violent term that is used to...

EUVD-2025-143917

Malicious code in nabuf-otimmn-pig npm...

Malicious code in nabuf-otimmn-pig (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c24b5bed1dd7a2eb120de0c8fa47c2a56cf41d113ee91d2caec8781176397730 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139094 Malicious code in varying-harlequin-pig (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e0efc01ffd237e30ebc8d6127cd738b563f653d3dafc2d41d0dbb803d7037bc6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-117008

Malicious code in varying-harlequin-pig npm...

Malicious code in rival_pig_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b6ce00fda0ea0db147296236274e588b4175e845035a85632f9c48c286f4b2d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-95262

Malicious code in rivalpigz3n npm...

EUVD-2025-92682

Malicious code in confidentialpigz3n npm...

EUVD-2025-74198

Malicious code in statutorypigivory-20 npm...

EUVD-2025-76249

Malicious code in monetarypig-toolteadev npm...

EUVD-2025-78753

Malicious code in mysteriouspigz3n npm...