4706 matches found
How fake party invitations are being used to install remote access tools
“You’re invited!” It sounds friendly, familiar and quite harmless. But in a scam we recently spotted, that simple phrase is being used to trick victims into installing a full remote access tool on their Windows computers—giving attackers complete control of the system. What appears to be a casual...
Grok apologizes for creating image of young girls in “sexualized attire”
Another AI system designed to be powerful and engaging ends up illustrating how guardrails routinely fail when development speed and feature races outrun safety controls. In a post on X, AI chatbot Grok confirmed that it generated an image of young girls in “sexualized attire.” The potential...
Pornhub tells users to expect sextortion emails after data exposure
After a recent data breach that affected Pornhub Premium members, Pornhub has updated its online statement to warn users about potential direct contact from cybercriminals. “We are aware that the individuals responsible for this incident have threatened to contact impacted Pornhub Premium users...
Chrome extension slurps up AI chats after users installed it for privacy
This case highlights a growing grey area in consumer privacy: data collection that is technically disclosed, but so far outside user expectations that most people would never knowingly agree to it. The next time you tell an AI chat assistant your deepest secrets, think twice; you never know who o...
How attackers use real IT tools to take over your computer
A new wave of attacks is exploiting legitimate Remote Monitoring and Management RMM tools like LogMeIn Resolve formerly GoToResolve and PDQ Connect to remotely control victims’ systems. Instead of dropping traditional malware, attackers trick people into installing these trusted IT support progra...
Mac users warned about new DigitStealer information stealer
A new infostealer called DigitStealer is going after Mac users. It avoids detection, skips older devices, and steals files, passwords, and browser data. We break down what it does and how to protect your Mac. Researchers have described a new malware called DigitStealer that steals sensitive...
Samsung zero-day lets attackers take over your phone
A critical vulnerability has put Samsung mobile device owners at risk of sophisticated cyberattacks. On November 10, 2025, the US Cybersecurity and Infrastructure Security Agency CISA added a vulnerability, tracked as CVE-2025-21042, to its Known Exploited Vulnerabilities KEV catalog. The KEV...
Malwarebytes scores 100% in AV-Comparatives Stalkerware Test 2025
The AV-Comparatives Stalkerware Test 2025 delivers a sobering look at the evolving threat posed by stalkerware on mobile devices. Despite measures from both the tech industry and platform providers, stalkerware-type apps, which are apps that can be installed covertly to spy on a victim’s private...
Apple patches 50 security flaws—update now
Apple has released security updates for iPhones, iPads, Macs, Apple Watches, Apple TVs, Safari, and Xcode, fixing nearly 50 security flaws. Some of these bugs could let cybercriminals see your private data, take control of parts of your device, or break key security protections. Installing these...
Roku accused of selling children’s data to advertisers and brokers
The state of Florida has accused Roku, which powers many smart TVs and streaming devices, of selling children's data to third parties without their consent. According to the Florida Attorney General James Uthmeier, Roku collected viewing habits, voice recordings, and precise geolocation from kids...
Pixel-stealing “Pixnapping” attack targets Android devices
Researchers at US universities have demonstrated how a malicious Android app can trick the system into leaking pixel data. That may sound harmless, but imagine if a malicious app on your Android device could glimpse tiny bits of information on your screen—even the parts you thought were secure,...
Phishers target 1Password users with convincing fake breach alert
In a very recent and well-targeted phishing attempt, scammers tried to get hold of the 1Password credentials belonging to a Malwarebytes’ employee. Stealing someone’s 1Password login would be like hitting the jackpot for cybercriminals, because they potentially export all the saved logins the...
WinRAR vulnerability exploited by two different groups
On July 30, 2025, WinRAR released a new version 7.13 Final to patch a vulnerability which was used in two separate malware campaigns. WinRAR is a popular file archiving and data compression tool that allows users to compress files into smaller archives, like RAR and ZIP, and can also unpack vario...
Scam hunter scammed by tax office impersonators
The next time you shake your head at another online scam and vow that you'd never fall for it, remember that even the most tech-savvy people can sometimes slip up. A case in point: Julie-Anne Kearns. This self-made scam-hunter told her story to the Guardian last week, revealing how she had been...
That seemingly innocent text is probably a scam
A special thanks to all the people at Malwarebytes and ThreatDown for sharing the text messages they received from scammers. Many of us have received texts like these. Often super short, some flirty, some with a business tone, or sometimes just a simple ‘hello.’ You don't know the sender, and the...
Proton launches Lumo, a privacy-focused AI chatbot
Proton, known for its privacy focused set of services, announced the introduction of Lumo, a privacy-first Artificial Intelligence AI chatbot. It is good to know before you dive in that Proton’s chatbot has two user options that offer a very different experience. If you want Lumo to access the...
Smart air fryers ordered to stop invading our digital privacy
In a confirmation that we've gone full Black Mirror, the UK's privacy czar has wagged a finger at air fryer manufacturers and told them to stop playing with our data. New draft guidance from the Information Commissioner's Office ICO targets not just air fryer vendors but manufacturers of any smar...
23andMe raked by Congress on privacy, sale of genetic data
In a Senate hearing adequately titled “23 and You: The Privacy and National Security Implications of the 23andMe Bankruptcy,” 23andMe executives addressed concerns about the privacy implications of the company’s sale and the handling of associated genetic data. For those who missed the latest...
Been scammed online? Here’s what to do
Unfortunately, people getting scammed online is a frequent event. Scammers are getting better at social engineering and are using Artificial Intelligence AI to sound more authentic and eliminate any spelling errors. It really can happen to anyone, so there's no need to feel embarrassed if you hav...
Juice jacking warnings are back, with a new twist
Remember juice jacking? It's a term that crops up every couple of years to worry travelers. This spring has seen another spate of stories, including a new, more sophisticated form of attack. But how much of a threat is it, really? Juice jacking is where an attacker uses a malicious public USB...
Meta sent cease and desist letter over AI training
EU privacy advocacy group NOYB has clapped back at Meta over its plans to start training its AI model on European users' data. In a cease and desist letter to the social networking giant's Irish operation signed by founder Max Schrems, the non-profit demanded that it justify its actions or risk...
Google to pay $1.38 billion over privacy violations
The state of Texas reached a mammoth financial agreement with Google last week, securing $1.375 billion in payments to settle two three year-old lawsuits. The Office of Texas Attorney General Ken Paxton originally filed the first lawsuit against Google in January 2022, complaining that the tech...
Zoom attack tricks victims into allowing remote access to install malware and steal money
Be careful when talking to people you've not met with before over the Zoom video conferencing system; you might get more than you bargained for. Two CEOs were recently targeted by a Zoom-based attack. One spotted it in time - and sadly, one did not. The attack is by a crime group that the Securit...
Google AI taken for a ride by April Fools’ Day joke
Cwmbran in Wales, a town with a population of just under 50,000, holds the Guinness World Record for the most roundabouts—at least according to Google AI Overviews. Except that's not actually true… Ben Black has been publishing lighthearted fake stories on April Fools’ Day for his community news...
Intimate images from kink and LGBTQ+ dating apps left exposed online
A researcher found millions of pictures from specialized dating apps for iOS stored online without any kind of password protection. The pictures, some of which are explicit, stem from dating apps that all have a specific audience. The five platforms, all developed by M.A.D. Mobile are kink sites...
Moving from WhatsApp to Signal: A good idea?
This week we learned that the US Government uses Signal for communication, after a journalist was accidentally added to a Signal chat. Accidental additions of people aside, the news has got regular folks asking if they should, too, be using Signal for private communications. Probably the largest...
DeepSeek users targeted with fake sponsored Google ads that deliver malware
The threat intel research used in this post was provided by Malwarebytes Senior Director of Research, Jérôme Segura. DeepSeek’s rising popularity has not only raised concerns and questions about privacy implications, but cybercriminals are also using it as a lure to trap unsuspecting Google...
PayPal’s “no-code checkout” abused by scammers
We recently identified a new scam targeting PayPal customers with very convincing ads and pages. Crooks are abusing both Google and PayPal's infrastructure in order to trick victims calling for assistance to speak with fraudsters instead. Combining official-looking Google search ads with...
Countries and companies are fighting at the expense of our data privacy
Data privacy issues are a hot topic in a world where we apparently don’t know who to trust anymore. A few weeks ago, we reported how the UK had secretly ordered Apple to provide blanket access to protected cloud backups around the world. This week, Apple decided to pull the plug on Advanced Data...
Apple ordered to grant access to users’ encrypted data
Last week, an article in the Washington Post revealed the UK had secretly ordered Apple to provide blanket access to protected cloud backups around the world. Since then, privacy focused groups have uttered their objections. The UK government has demanded to be able to access encrypted data store...
A week in security (February 3 – February 9)
Last week on Malwarebytes Labs: WhatsApp says Paragon is spying on specific users New AI "agents" could hold people for ransom in 2025 Valley News Live exposed more than a million job seeker’s resumes Small business owners, secure your web shop University site cloned to evade ad detection...
A week in security (January 20 – January 26)
Last week on Malwarebytes Labs: Your location or browsing habits could lead to price increases when buying online AI tool GeoSpy analyzes images and identifies locations in seconds 7-Zip bug could allow a bypass of a Windows security feature. Update now Warning: Don’t sell or buy a second hand...
Three privacy rules for 2025 (Lock and Code S06E02)
This week on the Lock and Code podcast… It’s Data Privacy Week right now, and that means, for the most part, that you’re going to see a lot of well-intentioned but clumsy information online about how to protect your data privacy. You’ll see articles about iPhone settings. You’ll hear acronyms for...
WhatsApp spear phishing campaign uses QR codes to add device
A cybercriminal campaign linked to Russia is deploying QR codes to access the WhatsApp accounts of high-profile targets like journalists, members of think tanks, and employees of non-governmental organizations NGOs, according to new details revealed by Microsoft. The group, which Microsoft tracks...
AI Granny Daisy takes up scammers’ time so they can’t bother you
A mobile network operator has called in the help of Artificial Intelligence AI in the battle against phone scammers. Virgin Media O2 in the UK has built an AI persona called Daisy with the sole purpose of keeping scammers occupied for as long as possible. Basically, until the scammers give up,...
Upload a video selfie to get your Facebook or Instagram account back
Meta, the company behind Facebook and Instagram says its testing new ways to use facial recognition—both to combat scams and to help restore access to compromised accounts. The social media giant is testing the use of video selfies and facial recognition to help users get their hijacked accounts...
A week in security (October 14 – October 20)
Last week on Malwarebytes Labs: Unauthorized data access vulnerability in macOS is detailed by Microsoft 23andMe will retain your genetic information, even if you delete the account "Nudify" deepfake bots remove clothes from victims in minutes, and millions are using them Tor Browser and Firefox...
23andMe will retain your genetic information, even if you delete the account
Deleting your personal data from 23andMe is proving to be hard. There are good reasons for people wanting to delete their data from 23andMe: The DNA testing platform has a lot of problems, so let’s start with a recap. A little over a year ago, cybercriminals put up information belonging to as man...
Election season raises fears for nearly a third of people who worry their vote could be leaked
As the United States enters full swing into its next presidential election, people are feeling worried, unsafe, and afraid. And none of that has to do with who wins. According to new research from Malwarebytes, people see this election season as a particularly risky time for their online privacy...
A week in security (September 23 – September 29)
Last week on Malwarebytes Labs: Millions of Kia vehicles were vulnerable to remote attacks with just a license plate number Privacy watchdog files complaint over Firefox quietly enabling its Privacy Preserving Attribution Telegram will hand over user details to law enforcement Don’t share the vir...
SpaceX, CNN, and The White House internal data allegedly published online. Is it real?
A cybercriminal has released internal data online that they say has come from leaks at several high-profile sources, including SpaceX, CNN, and the White House. However, there are some questions around the reliability and usefulness of the released data, so we took a closer look. When it comes to...
A week in security (September 2 – September 8)
Last week on Malwarebytes Labs: Lowe’s employees phished via Google ads Planned Parenthood partly offline after ransomware attack "Hello pervert" sextortion scam includes new threat of Pegasus—and a picture of your home How to avoid election related scams London’s city transport hit by...
“Hello pervert” sextortion scam includes new threat of Pegasus—and a picture of your home
After using passwords obtained from one of the countless breaches as a lure to trick victims into paying, the “Hello pervert” sextortion scammers have recently introduced two new pressure tactics: Name-dropping the infamous Pegasus spyware and adding pictures of your home environment. They do thi...
Iranian cybercriminals are targeting WhatsApp users in spear phishing campaign
An Iranian state-sponsored group often referred to as Iran’s Islamic Revolutionary Guard Corps IRGC is making headlines again this season as Meta disclosed that the cybercriminals targeted WhatsApp users in Israel, Palestine, Iran, the UK, and the US. Other names for this group—depending on the...
Fake Canva home page leads to browser lock
In a previous blog post, we showed how fraudsters were leveraging features from the very company Microsoft they were impersonating. We continue this series with another clever trick abusing Canva, a popular online tool for graphic design. This time, the scammers registered an account on Canva to...
Telegram CEO Pavel Durov charged with allowing criminal activity
France has indicted the CEO of the popular messaging app Telegram on charges of complicity in the distribution of child sex abuse images, aiding organized crime, drug trafficking, fraud, and refusing lawful orders to give information to law enforcement. The arrest warrants for Pavel Durov and his...
Why you need to know about ransomware
Last month, a strange thing happened in cybersecurity: a type of cyberthreat typically reserved for large businesses and critical services appeared on the computers of everyday people. Starting on July 20, hundreds of individuals across the globe began reporting problems with ransomware. Ransomwa...
Millennials’ sense of privacy uniquely tested in romantic relationships
Millennials are in a bind. According to a new analysis of research released earlier this year by Malwarebytes, Millennials are significantly more likely than every other generation to feel that there is no need to share their online account logins with boyfriends, girlfriends, spouses, or...
Dozens of Google products targeted by scammers via malicious search ads
In a previous blog, we saw criminals distribute malware via malicious ads for Google Authenticator. This time, brazen malvertisers went as far as impersonating Googles entire product line and redirecting victims to a fake Google home page. Clearly not afraid of poking the bear, they even used and...
Data theft forum admins busted after flashing their cash in a life of luxury
Two men without a clear source of income landed cyberfraud charges after being so flash with their ill-gotten cash that it gained the attention of the authorities. In 2022, Russian national Pavel Kublitskii and Kazakhstan national Alexandr Khodyrev arrived in Florida and requested asylum, which w...