4707 matches found
FCC warns of steep rise in phishing over SMS
After the FCC Federal Communications Commission made a huge splash weeks ago when it told Google and Apple to pull TikTok from their respective app stores, the federal agency is now warning Americans of an increased wave of SMS phishing attacks. SMS phishing, otherwise known as smishing or...
For months, JusTalk messages were accessible to everyone on the Internet
JusTalk, a popular mobile video calling and messaging app with 20 million global users, exposed a massive database of supposedly private messages to the public Internet for months. According to security researcher Anurag Sen, who discovered the open database, the messages were stored unencrypted,...
To settle with the DoJ, Uber must confess to a cover-up. And it did.
Uber covered up the 2016 data breach that affected its 57 million customers and drivers. The confession came as part of the settlement between the DOJ US Department of Justice and the taxi company, which will see it avoid criminal prosecution. In a press release from the DOJ, Uber "admits that it...
“Free UK visa” offers on WhatsApp are fakes
A student friend recently shared a WhatsApp message, unsure if it was scam. The message claims to offer an easy to route to free visas, housing, accommodation, and medicine access. Heres how we know it was a scam, and where it lead. It read as follows: UK GOVERNMENT JOB RECRUITMENT 2022: This is...
Police seize and dismantle massive phishing operation
Europol has coordinated a joint operation to arrest members of a cybercrime gang and effectively dismantle their campaigns that netted million in Euros. This operation also led the Belgian Police Police Fédérale/Federale Politie and the Dutch Police Politie to nine arrests, 24 house searches, and...
Watch out! Tinder and Grindr users targeted by cruel scammers using real abuse photos
A horrible catfishing scam is using real abuse photos in order to lure in unsuspecting victims on sites like Tinder and Grindr. Recently unearthed by Bleeping Computer, it works like this: Boy meets good-looking girl on dating site. The longer they talk, boy notices the conversation turning into ...
Instagram verification services: What are the dangers?
Instagram, like other social platforms, has a verification system for high profile accounts. A verified badge means Instagram has confirmed that the account is the authentic presence of a public figure, celebrity or brand. Have you ever wanted to get your own account verified? We noticed a large...
$600 a week to wrap your car? It’s a scam
A friend of mine recently received a text message which they described as "intriguing, but nonsensical". They were convinced it was some sort of scam, but they werent sure what the scammers were up to. Would it turn out to be some sort of phishing attempt? A telephone scam? Banking fraud? That on...
A week in security (May 2 – 8)
Last week on Malwarebytes Labs: Google, Apple, and Microsoft step hand in hand into a passwordless future OpenSea warns of Discord channel compromise Avoid these Instagram “Get rich with Bitcoin” scams Steer clear of fake premium mobile app unlockers How Instagram scammers talk users out of their...
Craft fair vendors targeted by fake event scammers on Facebook
A real world scam which sucks the fun out of craft fairs has caused nothing but stress for victims. It may sound bizarre, but it’s actually a fairly popular attack focused on small/self-run business owners selling their own creations. Are you ready for a trip to the craft fair? You’re a small...
Hackers fool major tech companies into handing over data of women and minors to abuse
Some major tech companies have unwittingly opened harassment and exploitation opportunities to the women and children who they have pledged to protect. This happened because they provided information in response to emergency data requests from legitimate law enforcement accounts that hackers had...
“A little gift for you” SMS spam appears to come from your own phone number
If youve received a spam SMS message sent from your own phone number, dont panic. No, you werent hacked. And youre not the only one who has received such a message, which looks a bit like this: A colleague received this same spam SMS message that has been going around more frequently these past f...
When fake dating profiles try the military approach
I’ve run into many romance scams over the years. You’ll find them lurking on social media, instant messaging, chatrooms/forums, and many more besides. They’re particularly popular during times of war or natural disaster, as they often dovetail into donation and charity scams. The icing on the cak...
Data breaches leave customers very shaky, report says
Data breaches are one of the most reported cyberattacks against businesses—regardless of size and industry. And while this has highlighted cybersecurity gaps on so many fronts, some companies are still not prioritizing them as they should. Some have scrambled to be compliant but then find...
Hive ransomware: Researchers figure out a method to decrypt files
Files encrypted by ransomware cant be recovered without obtaining the decryption key, if the encryption has been done properly. But that doesnt seem to be the case for Hive ransomware. Researchers from the Kookmin University in Korea have published a method for decrypting the data scrambled by...
CISA offers guidance on dealing with information manipulation
Malicious actors use influence operations, like spreading false information, to shape public opinion, undermine trust, amplify division, and create dissension. In response, the Cybersecurity & Infrastructure Security Agency CISA has released CISA Insights: Preparing for and Mitigating Foreign...
A week in security (February 7 – February 13)
Last week on Malwarebytes Labs: Securitas breached, 3TB of airport employee records exposed How to avoid being scammed this Valentine’s Day News Corp falls victim to cyberattack “We absolutely do not care about you”: Sugar ransomware targets individuals Microsoft takes macros out of the equation...
Android malware BRATA can wipe devices
Cleafy, a cybersecurity firm specializing in online fraud, has published new details about banking Trojan BRATA Brazilian Remote Access Tool, Android, a known malware strain that first became widespread in 2019. BRATA is now being used to perform factory resets on victims machines. Its rare for...
Dark Souls servers taken offline over hacking fears
There’s been trouble brewing over the weekend for players of the smash-hit Dark Souls series. PvP player vs player servers were temporarily shut down by the developers after a hack. Dark Souls says that PvP servers for console versions PlayStation, Xbox were not affected, and that it is a...
Dark Souls servers taken offline over hacking fears
There’s been trouble brewing over the weekend for players of the smash-hit Dark Souls series. PvP servers player vs player were temporarily shut down by the developers after a hack. PvP servers for Dark Souls 3, Dark Souls 2, and Dark Souls: Remastered have been temporarily deactivated to allow t...
Red Cross begs attackers to “Do the right thing” after family reunion service compromised
Restoring Family Links is a program most commonly associated with The Red Cross. It’s been around since 1870, and aims to reunite lost family members, repatriate individuals, prevent folks from disappearing, and much more. You may have seen them in the news during times of disaster, war, and othe...
Campaign launched to delay social media end-to-end encryption
The many issues surrounding end-to-end encryption E2EE are ever-present. They usually spring up when something that could potentially affect the safety of those who are vulnerable comes to light. Back in November, Meta announced it had delayed plans to roll out E2EE on its Facebook and Instagram...
Why we don’t patch, with Jess Dodson: Lock and Code S03E02
In 2017, the largest ransomware attack ever recorded hit the world, infecting more than 230,000 computers across more than 150 countries in just 24 hours. And it could have been solved with a patch that was released nearly two months prior. This was the WannaCry ransomware attack, and its final,...
FIFA 22 phishers tackle customer support with social engineering
Players of smash hit gaming title FIFA 22 have become the target of a wave of attacks focused on account compromise. Up to 50 “high profile” accounts were hijacked by what may have been the same group. FIFA games are, traditionally, a big draw for scammers and phishers. Many sports titles offer...
A week in security (Dec 13 – 19)
Last week on Malwarebytes Labs: Spear phish, whale phish, regular phish: What’s the difference? Kronos crippled by ransomware, service may be out for weeks 5 security lessons from 18 months of working from home What SMBs can do to protect against Log4Shell attacks After Log4j, December’s Patch...
Apple’s notarization process fails to protect
In macOS Mojave, Apple introduced the concept of notarization, a process that developers can go through to ensure that their software is malware-free and must go through for their software to run on macOS Catalina. This is meant to be another layer in Apples protection against malware...
SamSam ransomware: what you need to know
SamSam ransomware is a custom infection used in targeted attacks, often deployed using a wide range of exploits or brute-force tactics. Based on our own run-ins with the infection, we've observed that attacks were made on targets via vulnerable JBoss host servers during a previous wave of SamSam...
Bogus hack apps hack users back for cryptocash
Recently, we discovered a gold…er…APK mine of fake hacking apps. The "legitimate" versions of hack apps are intended to hack other apps in order to get something for free. Although it’s unclear what exactly these fake apps claim to hack, the real hack job is done to unsuspecting users. Search and...
New Mac cryptominer has 23 older variants
On February 1, a new Mac cryptominer was discovered being distributed via a hack of the MacUpdate website. Since then, we've been doing some digging and found that this isolated incident was just the tip of the iceberg. The malware delivered by the MacUpdate hack appears to be the culmination of...
A week in security (December 04 – December 10)
Last week on the blog, we looked at a RIG EK malware campaign, explored how children are being tangled up in money mule antics, took a walk through the world of Blockchain, and gave a rundown of what's involved when securing web applications. We also laid out the trials and tribulations of the...
Solution Corner: Malwarebytes Endpoint Protection
We’ve been busy here at Malwarebytes with several product announcements recently. Malwarebytes Incident Response was released in late April, providing threat detection and remediation via our new cloud-based platform. Right on its heels, leveraging the same platform is Malwarebytes Endpoint...
This new Windows malware can take over your PC and wipe it clean
Microsoft published new research on GigaWiper, a modular Golang backdoor for Windows that combines robust remote access with multiple ways to permanently destroy systems and data. GigaWiper is a Windows backdoor that Microsoft has observed in intrusions since October 2025. Rather than being a...
Inside the dark web: Stolen identities for 95¢, malware, and scams-for-hire
Most people have heard of the dark web, but few understand what it actually looks like or what goes on there. To separate fact from fiction, our research team spent 48 hours exploring it firsthand and documenting what we found. The dark web isn't inherently bad. It also serves legitimate purposes...
Microsoft working on a fix for RoguePlanet, a flaw that grants full PC control
A publicly available exploit called RoguePlanet can give attackers the highest level of access on Windows systems. Microsoft has confirmed the vulnerability and says it's working on a security update. RoguePlanet is tracked under CVE-2026-50656, where it’s described as a Microsoft Defender...
Kodak confirms breach as ShinyHunters’ leak threat reaches deadline
The Eastman Kodak Company Kodak confirmed to BleepingComputer that it is investigating a security breach after the ShinyHunters extortion group claimed responsibility for the incident. Kodak is the latest organization to land on the group's leak site. ShinyHunters claims it stole more than 2.2...
Deepfake posting sites depicting famous women taken down by feds
Thanks to Uncle Sam, anyone trying to find nonconsensual intimate deepfakes on CFake.com and SOCFake.com will be disappointed. The US Departments of Justice DOJ and Homeland Security has seized the two domain names under the TAKE IT DOWN Act. The TAKE IT DOWN Act, signed in May 2025, is the first...
Stolen iPhones could soon be worth a lot less to thieves
The UK’s Metropolitan Police has reached an agreement with Apple designed to make stolen iPhones harder to resell and less attractive to thieves. The approach combines stronger technical protections with direct data sharing between Apple and law enforcement. In 2023, about 1.4 million mobile phon...
These convincing copyright notices are designed to steal Google logins
A new scam is targeting people who publish Chrome extensions. The scam arrives as an official-looking "copyright removal request" claiming your extension is about to be removed from the Chrome Web Store and that you have 48 hours to appeal. It even looks personalized. After you enter your...
Carnival confirms data breach impacting nearly 6 million
Carnival Corporation, parent of Carnival Cruise Line, is sending out fresh “Notice of Cybersecurity Event” letters dated May 27, 2026. If you feel like you've read that sentence before, you're not imagining things. Over the last decade, the world’s largest cruise operator has accumulated a worryi...
Fake software on GitHub and SourceForge distribute Deno RAT
During our threat hunting activities, we found fake installers and plugins impersonating popular software including ChatGPT, Claude, AutoTune, and Kontakt on GitHub and SourceForge distributing a Deno backdoor known as DinDoor. Attackers are using compromised YouTube channels to distribute links ...
Biometrics, diagnoses, and bank details exposed in major healthcare breach
NYC Health + Hospitals NYC H+H posted a data breach notice about a months‑long breach via a third‑party vendor that exposed highly sensitive patient and employee data for at least 1.8 million people, including medical records, government IDs, geolocation data, and even fingerprint and palm‑print...
Why Malwarebytes blocks some Yahoo Mail redirects
Some Malwarebytes users have recently noticed frequent web protection alerts while reading email in Yahoo Mail’s web interface. These alerts are caused by background connections from the Yahoo Mail page to a set of third‑party domains that our products and other security tools currently classify ...
Stolen Canvas data was “returned” after hacker agreement, Instructure says
The Instructure/Canvas data breach that has dominated cybersecurity coverage recently has reached a new stage. Millions of students had personal data stolen, with extortion group ShinyHunters claiming credit for the data breach and applying extra pressure for their ransom demands by bothering...
Fake YouTube copyright notices can steal your Google login
A convincing phishing campaign is going after YouTube creators, and if it works, attackers don't just steal your Google login. They can take over your entire Google account, including Gmail, your files, and payments, then hijack your YouTube channel and use your audience to run scams. The lure is...
Malwarebytes Privacy VPN receives full third-party audit
For the careful VPN customer today, so much depends upon a privacy promise, made, too often, by a company without proof. No-logs policies, modern encryption algorithms, a refusal to store sensitive customer information, and full ownership of servers are just some of the features that contribute t...
Purchase order attachment isn’t a PDF. It’s phishing for your password
An attachment named New PO 500PCS.pdf.hTM, posing as a purchase order in PDF form, turned out to be something entirely different: a credential-harvesting web page that quietly sent passwords and IP/location data straight to a Telegram bot controlled by an attacker. Imagine you’re in accounts...
February 2026 Patch Tuesday includes six actively exploited zero-days
Microsoft releases important security updates on the second Tuesday of every month, known as “Patch Tuesday.” This month’s update patches fix 59 Microsoft CVE’s including six zero-days. Let’s have a quick look at these six actively exploited zero-days. Windows Shell Security Feature Bypass...
Holiday shoppers targeted as Amazon and FBI warn of surge in account takeover attacks
The FBI has issued a public service announcement warning about a surge in account takeover ATO fraud, and the timing lines up with a major alert Amazon has just sent to its 300 million customers about brand impersonation scams. How ATO fraud works Account takeover fraud is just what it says:...
Watch out for Walmart gift card scams
You’ve probably seen it before—a bright, urgent message claiming you’ve qualified for a $750 or $1000 Walmart gift card. All you have to do is answer a few questions. It looks harmless enough. But once you click, you find yourself in a maze of surveys, redirects, and "partner offers"—without ever...
Thousands of online stores at risk as SessionReaper attacks spread
Early September, a security researcher uncovered a new vulnerability in Magento, an open-source e-commerce platform used by thousands of online retailers, and its commercial counterpart Adobe Commerce. It sounds like something straight out of a horror movie: SessionReaper. Behind the cinematic na...