4658 matches found
New warning issued over toll fee scams
Over a year ago the FBI warned about what was then a new form of smishing phishing via SMS scam: text messages that demanded payment for toll fees. The FTC sent out a similar warning in January, 2025. Then, in April another wave of toll fee scams began doing the rounds. Now the Departments of Mot...
Google to pay $1.38 billion over privacy violations
The state of Texas reached a mammoth financial agreement with Google last week, securing $1.375 billion in payments to settle two three year-old lawsuits. The Office of Texas Attorney General Ken Paxton originally filed the first lawsuit against Google in January 2022, complaining that the tech...
On world password day, Microsoft says fewer passwords, more passkeys
And we agree. If there is a cybersecurity themed day that we would like to get rid as soon as possible it’s world password day. Sorry, old friend, but you’re outdated, and it looks like your days are numbered. Let's switch to passkeys. To quote Microsoft: “As the world shifts from passwords to...
Zero-day attacks on browsers and smartphones drop, says Google
Cybercriminals are having less success targeting end-user technology with zero-day attacks, said Google's security team this week. While most attacks do still target personal technology like smartphones and browsers, the focus is moving increasingly to enterprise tech. Zero-day vulnerabilities ar...
Fake Social Security Statement emails trick users into installing remote tool
Fake emails pretending to come from the US Social Security Administration SSA try to get targets to install ScreenConnect, a remote access tool. This campaign was flagged and investigated by the Malwarebytes Customer Support and Research teams. ScreenConnect, formerly known as ConnectWise Control...
Google AI taken for a ride by April Fools’ Day joke
Cwmbran in Wales, a town with a population of just under 50,000, holds the Guinness World Record for the most roundabouts—at least according to Google AI Overviews. Except that's not actually true… Ben Black has been publishing lighthearted fake stories on April Fools’ Day for his community news...
Intimate images from kink and LGBTQ+ dating apps left exposed online
A researcher found millions of pictures from specialized dating apps for iOS stored online without any kind of password protection. The pictures, some of which are explicit, stem from dating apps that all have a specific audience. The five platforms, all developed by M.A.D. Mobile are kink sites...
Moving from WhatsApp to Signal: A good idea?
This week we learned that the US Government uses Signal for communication, after a journalist was accidentally added to a Signal chat. Accidental additions of people aside, the news has got regular folks asking if they should, too, be using Signal for private communications. Probably the largest...
Phishing evolves beyond email to become latest Android app threat
There are plenty of phish in the sea, and the latest ones have little interest in your email inbox. In 2024, Malwarebytes detected more than 22,800 phishing apps on Android, according to the recent 2025 State of Malware report. Of those malicious apps, 5,200 could subvert one of the strongest...
A week in security (February 3 – February 9)
Last week on Malwarebytes Labs: WhatsApp says Paragon is spying on specific users New AI "agents" could hold people for ransom in 2025 Valley News Live exposed more than a million job seeker’s resumes Small business owners, secure your web shop University site cloned to evade ad detection...
A week in security (January 27 – February 2)
Last week on Malwarebytes Labs: ClickFix vs. traditional download in new DarkGate campaign Cybercrime gets a few punches on the nose Microsoft advertisers phished via malicious Google ads The DeepSeek controversy: Authorities ask where does the data come from and how safe is it? These are the 10...
Microsoft advertisers phished via malicious Google ads
Just days after we uncovered a campaign targeting Google Ads accounts, a similar attack has surfaced, this time aimed at Microsoft advertisers. These malicious ads, appearing on Google Search, are designed to steal the login information of users trying to access Microsoft's advertising platform...
A week in security (January 20 – January 26)
Last week on Malwarebytes Labs: Your location or browsing habits could lead to price increases when buying online AI tool GeoSpy analyzes images and identifies locations in seconds 7-Zip bug could allow a bypass of a Windows security feature. Update now Warning: Don’t sell or buy a second hand...
No company too small for Phobos ransomware gang, indictment reveals
The US Department of Justice has charged a Russian national named Evgenii Ptitsyn with selling, operating, and distributing a ransomware variant known as “Phobos” during a four-year cybercriminal campaign that extorted at least $16 million from victims across the world. The government’s indictmen...
AI Granny Daisy takes up scammers’ time so they can’t bother you
A mobile network operator has called in the help of Artificial Intelligence AI in the battle against phone scammers. Virgin Media O2 in the UK has built an AI persona called Daisy with the sole purpose of keeping scammers occupied for as long as possible. Basically, until the scammers give up,...
TikTok ordered to close Canada offices following “national security review”
The Government of Canada ordered the TikTok Technology Canada Inc. to close its offices in the country following a national security review. This decision was made in accordance with the Investment Canada Act, which allows for the review of foreign investments that may be injurious to Canada’s...
Why your vote can’t be “hacked,” with Cait Conley of CISA (Lock and Code S05E23)
This week on the Lock and Code podcast … The US presidential election is upon the American public, and with it come fears of "election interference." But "election interference" is a broad term. It can mean the now-regular and expected foreign disinformation campaigns that are launched to sow...
A week in security (October 21 – October 27)
Last week on Malwarebytes Labs: 100 million US citizens officially impacted by Change Healthcare data breach Pinterest tracks users without consent, alleges complaint After concerns of handing Facebook taxpayer info, four companies found to have improperly shared data LinkedIn bots and spear...
A week in security (October 14 – October 20)
Last week on Malwarebytes Labs: Unauthorized data access vulnerability in macOS is detailed by Microsoft 23andMe will retain your genetic information, even if you delete the account "Nudify" deepfake bots remove clothes from victims in minutes, and millions are using them Tor Browser and Firefox...
Election season raises fears for nearly a third of people who worry their vote could be leaked
As the United States enters full swing into its next presidential election, people are feeling worried, unsafe, and afraid. And none of that has to do with who wins. According to new research from Malwarebytes, people see this election season as a particularly risky time for their online privacy...
Google Search user interface: A/B testing shows security concerns remain
For the past few days, Google has been A/B testing some subtle visual changes to its user interface for the search results page. You may only get the new UI for certain types of searches or based on your current geolocation. This test is not to be confused with but could part of a previously...
Telegram will hand over user details to law enforcement
Last month we reported how Telegram CEO Pavel Durov was indicted on charges of complicity in the distribution of child sex abuse images, aiding organized crime, drug trafficking, fraud, and refusing lawful orders to give information to law enforcement. Now, in a potentially related development,...
Don’t share the viral Instagram Meta AI “legal” post
A new variation of a hoax that has been doing the rounds on Facebook for years has crossed over to Instagram. We’re seeing this post on Instagram Stories a lot suddenly over the last few days. The post is usually posted as a shareable screenshot on Instagram Stories, but it’s also been spotted on...
SpaceX, CNN, and The White House internal data allegedly published online. Is it real?
A cybercriminal has released internal data online that they say has come from leaks at several high-profile sources, including SpaceX, CNN, and the White House. However, there are some questions around the reliability and usefulness of the released data, so we took a closer look. When it comes to...
Snapchat wants to put your AI-generated face in its ads
Snapchat is reserving the right to use your selfie images to power Cameos, Generative AI, and other experiences on Snapchat, including ads, according to our friends at 404 Media, The Snapchat Support page about its My Selfie feature says: “You’ll take selfies with your Snap camera or select image...
A week in security (September 9 – September 15)
Last week on Malwarebytes Labs: Ford seeks patent for conversation-based advertising Scammers advertise fake AppleCare+ service via GitHub repos Facebook scrapes photos of kids from Australian user profiles to train its AI PartnerLeak scam site promises victims full access to "cheating" partner’s...
Iranian cybercriminals are targeting WhatsApp users in spear phishing campaign
An Iranian state-sponsored group often referred to as Iran’s Islamic Revolutionary Guard Corps IRGC is making headlines again this season as Meta disclosed that the cybercriminals targeted WhatsApp users in Israel, Palestine, Iran, the UK, and the US. Other names for this group—depending on the...
Fake Canva home page leads to browser lock
In a previous blog post, we showed how fraudsters were leveraging features from the very company Microsoft they were impersonating. We continue this series with another clever trick abusing Canva, a popular online tool for graphic design. This time, the scammers registered an account on Canva to...
Telegram CEO Pavel Durov charged with allowing criminal activity
France has indicted the CEO of the popular messaging app Telegram on charges of complicity in the distribution of child sex abuse images, aiding organized crime, drug trafficking, fraud, and refusing lawful orders to give information to law enforcement. The arrest warrants for Pavel Durov and his...
CODAC Behavioral Healthcare, US Marshalls are latest ransomware targets
The Qilin ransomware group listed CODAC Behavioral Healthcare, a nonprofit health care treatment organization, as one of their latest victims. Qilin seems to have a preference for healthcare and support organizations. One of their most well-known victims was the pathology lab services provider...
Move over malware: Why one teen is more worried about AI (re-air) (Lock and Code S05E18)
This week on the Lock and Code podcast… Every age group uses the internet a little bit differently, and it turns out for at least one Gen Z teen in the Bay Area, the classic approach to cyberecurity—defending against viruses, ransomware, worms, and more—is the least of her concerns. Of far more...
Millennials’ sense of privacy uniquely tested in romantic relationships
Millennials are in a bind. According to a new analysis of research released earlier this year by Malwarebytes, Millennials are significantly more likely than every other generation to feel that there is no need to share their online account logins with boyfriends, girlfriends, spouses, or...
A week in security (August 12 – August 18)
Last week on Malwarebytes Labs: Dozens of Google products targeted by scammers via malicious search ads Microsoft patches bug that could have allowed an attacker to revert your computer back to an older, vulnerable version We’re making it easier for you to protect your identity X accused of...
AI girlfriends want to know all about you. So might ChatGPT (Lock and Code S05E17)
This week on the Lock and Code podcast… Somewhere out there is a romantic AI chatbot that wants to know everything about you. But in a revealing overlap, other AI tools—which are developed and popularized by far larger companies in technology—could crave the very same thing. For AI tools of any...
Security company ADT announces security breach of customer data
Electronic surveillance equipment provider ADT filed a form 8-K with the Security and Exchange Commision SEC to report “a cybersecurity incident during which unauthorized actors illegally accessed certain databases containing ADT customer order information.” An 8-K is a report of unscheduled...
A week in security (July 29 – August 4)
Last week on Malwarebytes Labs: Threat actor impersonates Google via fake ad for Authenticator Scammers are impersonating cryptocurrency exchanges, FBI warns Meta to pay $1.4 billion over unauthorized facial recognition image capture Apple fixes Siri vulnerabilities that could have allowed...
Scammers are impersonating cryptocurrency exchanges, FBI warns
The Federal Bureau of Investigation FBI issued a public service announcement warning the public about scammers impersonating cryptocurrency exchange employees to steal funds. There are many types of crypto related scams, but in this case, the FBI provided an advisory about scammers that contact t...
Threat actor impersonates Google via fake ad for Authenticator
We have previously reported on the brand impersonation issue with Google ads: users who search for popular keywords are shown malicious ads that purport to be from an official vendor. Not only does this trick innocent victims into downloading malware or losing their data to phishing sites, it als...
Google admits it can’t quite quit third-party cookies
For more than a year, Google has said it would phase out the third-party tracking cookies that power much of its advertising business online, proposing new ideas that would allegedly preserve user privacy while still providing businesses with steady revenue streams. This week, Google tossed much ...
Heritage Foundation data breach containing personal data is available online
The Heritage Foundation this month denied that it had suffered an earlier system breach and the subsequent leaking of internal data. But the organization had to admit that cybercriminals gained access to an archive of Heritages affiliated media site, The Daily Signal, dating back to 2022. That...
Peloton accused of providing customer chat data to train AI
It seems that Peloton may have been providing more training than just for its customers, as its set to face court in California accused of using user chat data to train AI. Peloton Interactive, Inc. is a US-based exercise equipment and media company, known for its stationary bicycles, treadmills,...
Ticketmaster says stolen Taylor Swift Eras Tour tickets are useless
While cybercriminals are offering free tickets to Taylor Swift Eras Tour and other events, Ticketmaster is telling would-be purchasers that these tickets will prove to be worthless. Those who have claimed responsibility for the Ticketmaster data breach say they’ve stolen 440,000 tickets for Taylo...
Prudential Financial data breach impacts 2.5 million people, not 36,000 as first thought
In February 2024, Prudential Financial reported it had fallen victim to a ransomware attack. The attack was discovered one day after it started, but not before some 2.5 million people had been impacted by the resulting data breach. As one of the largest insurance companies in the US, Prudential...
A week in security (June 24 – June 30)
Last week on Malwarebytes Labs: TEMU sued for being "dangerous malware" by Arkansas Attorney General Driving licences and other official documents leaked by authentication service used by Uber, TikTok, X, and more "Poseidon" Mac stealer distributed via Google ads Federal Reserve "breached" data m...
[updated] Federal Reserve “breached” data may actually belong to Evolve Bank
A shockwave went through the financial world when ransomware group LockBit claimed to have breached the US Federal Reserve, the central banking system of the United States. On LockBits dark web leak site, the group threatened to release over 30 TB of banking information containing Americans banki...
A week in security (February 19 – February 25)
Last week on Malwarebytes Labs: Joomla! patches XSS flaws that could lead to remote code execution Update now! ConnectWise ScreenConnect vulnerability needs your attention Why ransomware gangs love using RMM tools—and how to stop them Signal to shield user phone numbers by default Vibrator virus...
Safer Internet Day, or why Brad Pitt needed an internet bodyguard
February 6, 2024 is Safer Internet Day. When I was asked to write about the topic, I misunderstood the question and heard: “can you cover save the internet” and we all agreed that it might be too late for that. While we laughed about it, it made me think. The internet has been around for quite so...
Fidelity National Financial acknowledges data breach affecting 1.3 million customers
In November 2023, real estate services company Fidelity National Financial FNF got its systems knocked offline for a week after a cyberincident. As is often the case these days, it turns out that the cyberincident was very likely a ransomware attack that included a data breach. Ransomware operato...
Microsoft disables ms-appinstaller after malicious use
In what might be conceived as one of Microsoft’s new year resolutions, it has disclosed that its turned off the ms-appinstaller protocol handler by default. The change is designed to make installing apps easier, but it also makes installing malware easier. Typically, an app needs to be on a devic...
Apple to introduce new feature that makes life harder for iPhone thieves
Reportedly, Apple has plans to make it harder for iPhone thieves to steal your personal information even if they have your device’s passcode. A new feature called Stolen Device Protection is included in the beta version of iOS 17.3. The feature limits access to your private information in case...