4661 matches found
A week in security (Oct 11 – Oct 17)
Last week on Malwarebytes Labs Google warns some users that FancyBear’s been prowling around Inside Apple: How macOS attacks are evolving The joy of phishing your employees ExpressVPN made a choice, and so did I: Lock and Code S02E19 Update now! Apple patches another privilege escalation bug in i...
Internet safety tips for kids and teens: A comprehensive guide for the modern parent
When it comes to picking a new device for your child, its often difficult to know where to start. Whether youre looking for a smartphone, a laptop, a gaming device or something else, or even just signing up for an account online, you want to make sure your kids are protected. Its important to get...
Apple’s notarization process fails to protect
In macOS Mojave, Apple introduced the concept of notarization, a process that developers can go through to ensure that their software is malware-free and must go through for their software to run on macOS Catalina. This is meant to be another layer in Apples protection against malware...
The cybersecurity skills gap is misunderstood
Nearly every year, a trade association, a university, an independent researcher, or a large corporation—and sometimes all of them and many in between—push out the latest research on the cybersecurity skills gap, the now-decade-plus-old idea that the global economy lacks a growing number of...
SamSam ransomware: what you need to know
SamSam ransomware is a custom infection used in targeted attacks, often deployed using a wide range of exploits or brute-force tactics. Based on our own run-ins with the infection, we've observed that attacks were made on targets via vulnerable JBoss host servers during a previous wave of SamSam...
A week in security (April 23 – April 29)
Last week, we dug into behavioral biometrics, explored a new crossrider variant, and embraced the power of "no." We also launched another CrackMe challenge, took a deep dive into smart toys, and finished up with a look at digital privacy in the age of IoT. Other news LinkedIn does battle with...
Bogus hack apps hack users back for cryptocash
Recently, we discovered a gold…er…APK mine of fake hacking apps. The "legitimate" versions of hack apps are intended to hack other apps in order to get something for free. Although it’s unclear what exactly these fake apps claim to hack, the real hack job is done to unsuspecting users. Search and...
New Mac cryptominer has 23 older variants
On February 1, a new Mac cryptominer was discovered being distributed via a hack of the MacUpdate website. Since then, we've been doing some digging and found that this isolated incident was just the tip of the iceberg. The malware delivered by the MacUpdate hack appears to be the culmination of...
A week in security (December 04 – December 10)
Last week on the blog, we looked at a RIG EK malware campaign, explored how children are being tangled up in money mule antics, took a walk through the world of Blockchain, and gave a rundown of what's involved when securing web applications. We also laid out the trials and tribulations of the...
FTC providing partial refunds for Advanced Tech Support victims
Last month, the FTC announced the recovery of 10 million dollars from Advanced Tech Support, one of the most successful US-based tech support scammers ever. This money will be put towards partial refunds for victims of ATS who purchased products or services from them between April 2012 and Novemb...
Please stop posting your X-rays to social media
Social media is fun. Posting pictures and sharing them with friends is a great technology. But please, we beg you, stop posting your medical imaging results to Instagram, Twitter, and Facebook. Why? What if you get a gnarly fracture from a really awesome snowboarding stunt and you want to share...
Deepfake porn sites are going offline (re-air) (Lock and Code S07E12)
This week on the Lock and Code podcast … If you weren't taking deepfakes seriously before, it's too late now to ignore them. According to new research from Malwarebytes, one in three people who use AI every day said it's okay to generate pornography of people without their consent. Nearly 10 year...
AI: Threat, tool, or both?
Public attitudes toward Artificial Intelligence AI are changing, and we wanted to understand why. A recent Pew Research survey found that about half of adults say the increased use of AI in daily life makes them more concerned than excited, and that concern has grown over the last few years. Peop...
Meta’s AI support bot happily handed Instagram accounts to hackers
Customer service chatbots have one job: get the user what they're asking for without bothering a human. Meta's new AI support assistant took that brief a little too seriously. Over the past few months, attackers have been opening support chats, telling the bot they were locked out of Instagram...
Keep getting calls from questionable numbers? Meet Scam Number Check
Have you ever gotten a phone call and had a gut feeling that those random digits looked extra suspicious? It happens to millions of people every day. While many people have trained themselves to ignore such calls, they still pose a threat across the US. In fact, scammers stole more than $21 billi...
Fake software on GitHub and SourceForge distribute Deno RAT
During our threat hunting activities, we found fake installers and plugins impersonating popular software including ChatGPT, Claude, AutoTune, and Kontakt on GitHub and SourceForge distributing a Deno backdoor known as DinDoor. Attackers are using compromised YouTube channels to distribute links ...
Catch spyware in the act with Windows Webcam Monitoring
You’re working hard late at night, replying to emails and planning the week ahead. Then suddenly, a PDF file requests access to your camera. Why would a PDF need camera access? Cybercriminals often disguise spyware inside seemingly harmless files and programs. An unexpected request for access to...
YouTube wants your face to fight deepfakes
If you're worried about deepfake likenesses of yourself showing up online, you're not alone; YouTube is worried for you. It wants to protect you by having you upload a selfie video and government ID to its site. The idea is that the video giant will use its own AI to patrol the service for fake...
Massive AI investment scam network spans 15,500 domains
Researchers tracked a large AI‑themed investment scam campaign involving more than 15,000 domains. It uses cloaking and deepfakes to hide from security tools while targeting ordinary users. Criminals abused the Keitaro ad-tracking platform as part of a cloaking system so real victims see scam...
If a fake moustache can fool age checks, is the Online Safety Act working?
A report based on a survey by the UK’s Internet Matters shows that much of the responsibility for managing the online safety of children still falls on families. The Online Safety Act came into effect in July, 2025, and the report explores what has changed in the online lives of UK families since...
Fake Google Antigravity downloads are stealing accounts in minutes
Somebody went looking for Google’s new Antigravity coding tool this week, clicked download, ran the installer, and got exactly what they thought they were getting. Antigravity installed cleanly. A shortcut appeared on the desktop. The application opened and worked. Nothing looked or felt wrong. B...
NSFW app leak exposes 70,000 prompts linked to individual users
MyLovely.AI, an AI “artwork” generation platform, has reportedly been compromised, affecting 106,362 registered users. The AI girlfriend app allows users to generate personalized NSFW content and engage in real-time conversations with AI-generated personas, often sharing highly personal prompts a...
This Android vulnerability can break your lock screen in under 60 seconds
A vulnerability in Android devices can allow attackers to gain access to a phone in less than a minute. The vulnerability, tracked as CVE-2026-20435, affects certain MediaTek SoCs System-on-a-Chip using Trustonic’s TEE Trusted Execution Environment. That may sound rare, but reportedly that’s abou...
WhatsApp rolls out new protections against advanced exploits and spyware
WhatsApp is quietly rolling out a new safety layer for photos, videos, and documents, and it lives entirely under the hood. It won't change how you chat, but it will change what happens to the files that move through your chats—especially the kind that can hide malware. The new feature, called...
Watch out for AT&T rewards phishing text that wants your personal details
A coworker shared this suspicious SMS where AT&T supposedly warns the recipient that their reward points are about to expire. Phishing attacks are growing increasingly sophisticated, likely with help from AI. They're getting better at mimicking major brands—not just in look, but in behavior...
Google ads funnel Mac users to poisoned AI chats that spread the AMOS infostealer
Researchers have found evidence that AI conversations were inserted in Google search results to mislead macOS users into installing the Atomic macOS Stealer AMOS. Both Grok and ChatGPT were found to have been abused in these attacks. Forensic investigation of an AMOS alert showed the infection...
December Patch Tuesday fixes three zero-days, including one that hijacks Windows devices
These updates from Microsoft fix serious security issues, including three that attackers are already exploiting to take control of Windows systems. In total, the security update resolves 57 Microsoft security vulnerabilities. Microsoft isn't releasing new features for Windows 10 anymore, so Windo...
How to set up two-factor authentication (2FA) on your Facebook account
While two-factor authentication 2FA is not completely fool-proof, it is one of the best ways to protect your accounts from hackers. It adds an extra step when logging in, which is a small extra effort for you, but it dramatically boosts your security. With 2FA, you’ll be asked for a special login...
Google bug allowed phone number of almost any user to be discovered
Google has fixed vulnerabilities that made it possible to retrieve the phone numbers of almost any Google user. The flaw was found in the flow that allows users to recover their Google account using a phone number. A cybersecurity researcher called Brutecat was able to figure out the phone number...
Scammers are constantly changing the game, but so are we. Introducing Malwarebytes Scam Guard
Mobile scams are becoming increasingly sophisticated, leaving people vulnerable to cybercriminals. We recently reported on the ever-increasing number of scams that are created by AI-supported tools, with attackers crafting highly convincing phishing emails that target both individuals and...
Victims risk AsyncRAT infection after being redirected to fake Booking.com sites
Cybercriminals have started a campaign of redirecting links placed on gaming sites and social media—and as sponsored ads—that lead to fake websites posing as Booking.com. According to Malwarebytes research, 40% of people book travel through a general online search, creating a lot of opportunities...
What does Facebook know about me? (Lock and Code S06E11)
This week on the Lock and Code podcast … There's an easy way to find out what Facebook knows about you—you just have to ask. In 2020, the social media giant launched an online portal that allows all users to access their historical data and to request specific types of information for download...
A week in security (May 19 – May 25)
Last week on Malwarebytes Labs: Lumma information stealer infrastructure disrupted Stalkerware apps go dark after data breach Scammers are using AI to impersonate senior officials, warns FBI 23andMe and its customers’ genetic data bought by a pharmaceutical org Malware-infected printer delivered...
Data broker protection rule quietly withdrawn by CFPB
The Consumer Financial Protection Bureau CFPB has decided to withdraw a 2024 rule to limit the sale of Americans’ personal information by data brokers. In a Federal Register notice published yesterday, the CFPB said it "has determined that legislative rulemaking is not necessary or appropriate at...
A week in security (May 4 – May 10)
Last week on Malwarebytes Labs: The AI chatbot cop squad is here Lock and Code S06E09 Android fixes 47 vulnerabilities, including one zero-day. Update as soon as you can! "Your privacy is a promise we don’t break": Dating app Raw exposes sensitive user data FBI issues warning as scammers target...
What privacy? Perplexity wants your data, builds browser to track you and serve ads
AI search service Perplexity AI doesn't just want you using its app—it wants to take over your web browsing experience too. The company is planning to launch its own browser, called Comet, next month. But what does this mean for your privacy? Launched in 2022, Perplexity AI is an AI-powered searc...
A week in security (April 21 – April 27)
Last week on Malwarebytes Labs: AI is getting "creepy good" at geo-guessing Zoom attack tricks victims into allowing remote access to install malware and steal money Android malware turns phones into malicious tap-to-pay machines 4.7 million customers’ data accidentally leaked to Google by Blue...
4.7 million customers’ data accidentally leaked to Google by Blue Shield of California
Blue Shield of California leaked the personal data of 4.7 million people to Google after a Google Analytics misconfiguration. The tech giant may have used this data for targeted advertising, according to Blue Shield, which is one of the largest health insurers in the US. In a data breach notice o...
Hertz data breach caused by CL0P ransomware attack on vendor
The Hertz Corporation, on behalf of Hertz, Dollar, and Thrifty brands, is sending breach notifications to customers who may have had their name, contact information, driver's license, and—in rare cases—Social Security Number exposed in a data breach. The car rental giant’s data was stolen in a...
Meta slurps up EU user data for AI training
European Facebook users have so far avoided having their public posts used to train parent company Meta's AI model. That's about to change, the company has warned. In a blog post today, it said that EU residents' data was fair game and it would be slurping up public posts for training soon...
72% of people are worried their data is being misused by the government, and that’s not all…
Bad vibes are big news in privacy right now, with the public feeling isolated in securing their sensitive information from companies, governments, AI models, and scammers. That’s the latest from Malwarebytes research conducted this month, which revealed that the vast majority of people are...
Warning over free online file converters that actually install malware
The FBI Denver Field Office has warned of an increasing number of scammy websites offering free online file converter services. Instead of converting files, the tools actually load malware onto victims’ computers. The FBI warned specifically about that malware leading to ransomware attacks, but...
Fake CAPTCHA websites hijack your clipboard to install information stealers
There are more and more sites that use a clipboard hijacker and instruct victims on how to infect their own machine. I realize that may sound like something trivial to steer clear from, but apparently it’s not because the social engineering behind it is pretty sophisticated. At first, these attac...
Android botnet BadBox largely disrupted
Removing 24 malicious apps from the Google Play store and silencing some servers almost halved a botnet known as BadBox. The BadBox botnet focuses on Android devices, but not just phones. It also affects other devices like TV streaming boxes, tablets, and smart TVs. The German BSI Federal Office...
DeepSeek found to be sharing user data with TikTok parent company ByteDance
A couple of weeks ago we reported on the concerns surrounding data collection and security at DeepSeek, the Chinese AI company which recently made headlines for shaking up the industry after seemingly appearing from nowhere to become top of the app download charts. Now South Korea’s Personal...
A suicide reveals the lonely side of AI chatbots, with Courtney Brown (Lock and Code S06E03)
Today on the Lock and Code podcast … In February 2024, a 14-year-old boy from Orlando, Florida, committed suicide after confessing his love to the one figure who absorbed nearly all of his time—an AI chatbot. For months, Sewell Seltzer III had grown attached to an AI chatbot modeled after the...
Valley News Live exposed more than a million job seeker’s resumes
Making your own bad news is not what Valley News Live had in mind, but negligence comes at a price. Cybernews researchers found an unprotected AWS S3 bucket that belongs to Take Valley News Live, a North Dakota-based television station. Gray Television, the owner of Valley News Live, makes for th...
New AI “agents” could hold people for ransom in 2025
A paradigm shift in technology is hurtling towards us, and it could change everything we know about cybersecurity. Uhh, again, that is. When ChatGPT was unveiled to the public in late 2022, security experts looked on with cautious optimism, excited about the new technology but concerned about its...
Connected contraptions cause conniption for 2024
The holidays are upon us, which means now is the perfect time for gratitude, warmth, and—because modern society has thrust it upon us—gift buying. It’s Bluey and dig kits and LEGOs for kids, Fortnite and AirPods and backpacks for tweens, and, for an adult you particularly love, it’s televisions,...
A week in security (December 2 – December 8)
Last week on Malwarebytes Labs: Europol takes down criminal data hub Manson Market in busy month for law enforcement Americans urged to use encrypted messaging after large, ongoing cyberattack Crypto’s rising value likely to bring new wave of scams AI chatbot provider exposes 346,000 customer...