7 matches found
Silver Fox uses the new ABCDoor backdoor to target organizations in Russia and India
In December 2025, we detected a wave of malicious emails designed to look like official correspondence from the Indian tax service. A few weeks later, in January 2026, a similar campaign began targeting Russian organizations. We have attributed this activity to the Silver Fox threat group. Both...
A week in security (March 31 – April 6)
Last week on Malwarebytes Labs: Why we’re no longer doing April Fools’ Day Intimate images from kink and LGBTQ+ dating apps left exposed online "Urgent reminder" tax scam wants to phish your Microsoft credentials "Nudify" deepfakes stored unprotected online Location, name, and photos of random ki...
“Urgent reminder” tax scam wants to phish your Microsoft credentials
Tax season is in full force, and with the filing deadline fast approaching on April 15, scammers are happy to use that sense of urgency to coax us into handing them our cash. In one example, one of our customers recently received an email with an attachment titled "Urgent reminder.” The attachmen...
A week in security (March 18 – March 24)
Last week on Malwarebytes Labs: New Go loader pushes Rhadamanthys stealer Canada revisits decision to ban Flipper Zero Patch Ivanti Standalone Sentry and Ivanti Neurons for ITSM now 19 million plaintext passwords exposed by incorrectly configured Firebase instances Apex Legends Global Series...
Tax scammer goes after small business owners and self-employed people
While most tax payers don’t particularly look forward to tax season, for some scammers it’s like the opening of their hunting season. So its no surprise that our researchers have found yet another tax-related scam. In this most recent scam, weve not seen the lure the scammer uses, but it is likel...
Tax Phish Swims Past Google Workspace Email Security
A W2 tax email scam is circulating in the U.S. using Typeform, a popular software that specializes in online surveys and form building. The campaign is aimed at harvesting victims’ email account credentials, researchers said. According to Armorblox, the campaign also bypasses native Google...
Threat Outbreak Alert RuleID16000: Email Messages Distributing Malicious Software on June 16, 2015
Medium Alert ID: 39374 First Published: 2015 June 16 19:27 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID16000 may contain the following files: Name | Siz...