Chinese Silk Typhoon Hacker Extradited to U.S. Over COVID Research Cyberattacks

A Chinese national accused of being a member of the Silk Typhoon hacking group has been extradited to the U.S. from Italy. Xu Zewei, 34, was arrested in July 2025 by Italian authorities for his alleged links to the Chinese state-sponsored threat group and for orchestrating cyber attacks against...

Spoofing Bug Highlights Cybersecurity for Digital Vaccine Passports

Three weeks after an independent researcher found a critical bug in the Services Australia COVID-19 digital vaccine certificate that would allow an attacker to falsify someone’s vaccine status, it still hasn’t been fixed. Researcher Richard Nelson looked into the security behind a new digital...

Dark Web Getting Loaded With Bogus Covid-19 Vaccines and Forged Cards

Bogus COVID-19 test results, fraudulent vaccination cards, and questionable vaccines are emerging a hot commodity on the dark web in what's the latest in a long list of cybercrimes capitalizing on the coronavirus pandemic. "A new and troubling phenomenon is that consumers are buying COVID-19...

Phishers Delivering Increasingly Convincing Lures

Innovative twists on banking scams and corporate-account hunters wielding increasingly clever lures, including those with COVID-19 vaccine promises, are likely to dominate the spam and phishing landscape throughout Q2 2021, according to researchers. And although no new wild trends have emerged,...

Bad Bot Traffic on Healthcare Websites Rises 372% As Vaccines Become Available Globally

Nations around the world are racing to acquire COVID-19 vaccines and assemble digital infrastructure and web applications to enable appointment booking. As they do this, Imperva Research Labs has monitored a staggering 372% increase in bad bot traffic on healthcare websites globally since Septemb...

Web Application Attacks on Healthcare Spike 51% As COVID-19 Vaccines are Introduced

As the first vials of COVID-19 vaccines were disseminated in December, Imperva Research Labs monitored an astounding 51% increase in web application attacks on healthcare targets. The activity concludes an unprecedented year of cybersecurity activity. Imperva data shows the healthcare industry...

A Look Ahead at 2021: SolarWinds Fallout and Shifting CISO Budgets

The new year started off with a bang, with the SolarWinds hack revealed in late December acting as a jarring reminder to companies and U.S. government departments alike that cybercriminals continue to successfully exploit security lapses in technology. But beyond the SolarWinds supply-chain...

Predicting the Unpredictable: What Will the Cybersecurity Space Look Like in 2021?

Not to start off another blog post about how insane this year has been, but let’s just take a moment to appreciate HOW INSANE THIS YEAR HAS BEEN. As I sat down to write this blog post, I took a look at last year’s predictions post and was amused to see how little we knew about what was coming. An...

A week in security (December 7 – December 13)

Last week on Malwarebytes podcast we talked to Doug Levin, founder of the K12 cybersecurity resource center and advisor to the K12 Security Information Exchange, about how schools can plan for a cybersecure 2021. We also released a Malwarebytes Labs report revealing that 50 percent of schools did...

Buying COVID-19 vaccines from the Dark Web? No thanks!

Even though we hope that this is an unnecessary warning, we do want to put it out there. As soon as there was talk about a vaccine being available against the COVID-19 virus there were vendors on the Dark Web offering Russian and Chinese COVID-19 vaccines for sale. Now that the UK has started its...

The Postal Service's Surprising Role in Surviving Doomsday

The little-known Postal Plan, which dates back to the Clinton era, charges mail carriers with delivering critical supplies—like vaccines—as a last resort...