Lucene search
K
MalwarebytesMost viewed

4706 matches found

Malwarebytes
Malwarebytes
added 2026/04/23 3:34 p.m.9 views

How cyberattacks on companies affect everyone

If you use the internet, you’ve likely been affected by cybercrime in some way. Even when an attack is aimed at a company, the fallout usually lands on ordinary people. The most obvious harm is stolen data. When attackers break into a business, it is usually customer information that ends up in...

5.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/04/21 12:59 p.m.9 views

Real Apple notifications are being used to drive tech support scams

Scammers have found a way to abuse legitimate Apple account notification emails to trick targets into calling fake tech support numbers. According to a report from BleepingComputer, scammers create an Apple account and insert a phishing message into the personal information fields, then modify th...

5.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/04/16 8:2 a.m.9 views

Booking.com breach gives scammers what they need to target guests

Travel companies love telling you your data is safe. Booking.com just reminded everyone why that's a hard promise to keep. The Amsterdam-based booking giant began notifying customers on April 13 that "unauthorized third parties" had accessed guest reservation data. The compromised information...

5.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/04/15 9:8 a.m.9 views

Credit Resources Vault: Why this credit email set off our scam alarms

If there is anything that annoys me more than a scammer, it's companies that behave like one, while staying just on the right side of the law. They manage to linger and disappoint customers for years. It's also why sometimes people think that Malwarebytes Scam Guard can be overly cautious when...

5.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/04/10 3:2 p.m.9 views

ClickFix finds a new way to infect Macs

ClickFix campaigns are looking for alternatives now that many Mac users have been made aware of the dangers of pasting certain commands into Terminal. Researchers found that ClickFix has kept the same social engineering playbook but completely sidestepped Terminal by using the applescript:// URL...

6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/04/09 1:5 p.m.9 views

Scammers pose as Amazon support to steal your account

Cybercriminals using the so-called "spray and pray" tactic love to impersonate well-known brands. Especially ones with huge customer bases. Amazon reportedly has around 310 million active customers, so they certainly qualify as a brand worth impersonating. And it shows in the sheer volume of scam...

5.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/04/08 2:33 p.m.9 views

Your extensions leak clues about you, so we made sure Browser Guard doesn’t

Did you know you can be profiled based on the browser extensions you use? Advertisers can detect which extensions are installed and use that to build a picture of the kind of user you are. For instance, do you pride yourself on being a good online shopper who never pays full price? Maybe you use ...

6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/04/03 2:37 p.m.9 views

Blocking children from social media is a badly executed good idea

While we can probably all agree that there is more than enough proof that social media is bad for the mental health of our children, the methods we are trying to block or ban them seem to do more harm than good. Across the world, lawmakers are tripping over each other to be seen “doing something”...

6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/03/23 12:42 p.m.9 views

Advanced Flow will make Android sideloading safer

Google has announced the introduction of Advanced Flow, designed to let Android users install apps from unverified developers more safely than before. This process is known as sideloading. It means installing an app on your device from somewhere other than the Google Play store, usually by...

5.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/03/22 10:2 p.m.9 views

This is all it takes to stop a train (Lock and Code S07E06)

This week on the Lock and Code podcast … Forget the runaway train thrillingly shot in Buster Keaton's 1926 film "The General," and never mind the charging locomotive rescued by actors Denzel Washington and Chris Pine in the 2010 film "Unstoppable," as there's a far more frequent and far less...

5.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/03/19 12:27 p.m.9 views

A DarkSword hangs over unpatched iPhones

Researchers at Google have identified an iOS exploit chain, named DarkSword, that has been used since late last year by multiple actors to infect iPhones with malware in targeted attacks. DarkSword combines six vulnerabilities in iOS and Safari to deploy malware on the device. It demonstrates, on...

7.8CVSS6.1AI score0.01319EPSS
Exploits4
Malwarebytes
Malwarebytes
added 2026/03/11 10:47 a.m.9 views

March 2026 Patch Tuesday fixes two zero-day vulnerabilities

Microsoft releases important security updates on the second Tuesday of every month, known as Patch Tuesday. This month’s update fixes 79 Microsoft CVEs including two zero-day vulnerabilities. Microsoft defines a zero-day as “a flaw in software for which no official patch or security update is...

8.8CVSS6.3AI score0.02049EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2026/03/03 12:10 p.m.9 views

Chrome flaw let extensions hijack Gemini’s camera, mic, and file access

Chrome’s Gemini “Live in Chrome” panel Gemini’s embedded, agent-style assistant mode within Chrome had a high‑severity vulnerability tracked as CVE‑2026‑0628. The flaw let a low‑privilege extension inject code into the Gemini side panel and inherit its powerful capabilities, including local file...

8.8CVSS6AI score0.06545EPSS
Exploits2
Malwarebytes
Malwarebytes
added 2026/02/23 9:10 p.m.9 views

OpenClaw: What is it and can you use it safely?

An AI tool with a funny name has caused quite a commotion as of late—including some allegations of machine consciousness—so here is a breakdown on OpenClaw. Launched in November 2025, OpenClaw is an open-source, autonomous artificial intelligence AI agent that was made to run locally on your own...

5.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/02/22 11:8 p.m.9 views

What can’t you say on TikTok?

This week on the Lock and Code podcast … A funny thing happened on TikTok last month, and it has brought allegations of censorship, manipulation, and control. It was the week of January 22, and after a long legal battle, TikTok had finally—for the first time in its company history—moved its...

5.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/02/19 11:16 a.m.9 views

Meta patents AI that could keep you posting from beyond the grave

Tech bros have been wanting to become immortal for years. Until they get there, their fallback might be continuing to post nonsense on social media from the afterlife. On December 30, 2025, Meta was granted US patent 12513102B2: Simulation of a user of a social networking system using a language...

5.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/02/17 6:25 p.m.9 views

Chrome “preloading” could be leaking your data and causing problems in Browser Guard

This article explains why Chrome’s “preloading” feature can cause scary-looking blocks in Malwarebytes Browser Guard and how to turn it off. Modern browsers want to provide content instantly. To do that, Chrome includes a feature called page preloading. When this is enabled, Chrome doesn’t just...

5.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/02/13 1:27 p.m.9 views

How to find and remove credential-stealing Chrome extensions

Researchers have found yet another family of malicious extensions in the Chrome Web Store. This time, 30 different Chrome extensions were found stealing credentials from more than 260,000 users. The extensions rendered a full-screen iframe pointing to a remote domain. This iframe overlaid the...

5.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/02/12 8:3 a.m.9 views

Criminals are using AI website builders to clone major brands

AI tool Vercel was abused by cybercriminals to create a Malwarebytes lookalike website. Cybercriminals no longer need design or coding skills to create a convincing fake brand site. All they need is a domain name and an AI website builder. In minutes, they can clone a site's look and feel, plug i...

5.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/02/10 1:50 p.m.9 views

How safe are kids using social media? We did the groundwork

When researchers created an account for a child under 13 on Roblox, they expected heavy guardrails. Instead, they found that the platform’s search features still allowed kids to discover communities linked to fraud and other illicit activity. The discoveries spotlight the question that lawmakers...

5.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/02/09 8:1 a.m.9 views

A week in security (February 2 – February 8)

Last week on Malwarebytes Labs: Apple Pay phish uses fake support calls to steal payment details Open the wrong "PDF" and attackers gain remote access to your PC Flock cameras shared license plate data without permission Grok continues producing sexualized images after promised fixes Firefox is...

5.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/02/05 1:48 p.m.9 views

Open the wrong “PDF” and attackers gain remote access to your PC

Cybercriminals behind a campaign dubbed DEADVAX are taking phishing one step further by delivering malware inside virtual hard disks that pretend to be ordinary PDF documents. Open the wrong “invoice” or “purchase order” and you won't see a document at all. Instead, Windows mounts a virtual drive...

5.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/02/03 11:20 a.m.9 views

Apple’s new iOS setting addresses a hidden layer of location tracking

Most iPhone owners have hopefully learned to manage app permissions by now, including allowing location access. But there's another layer of location tracking that operates outside these controls. Your cellular carrier has been collecting your location data all along, and until now, there was...

5.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/01/27 11:9 a.m.9 views

TikTok narrowly avoids a US ban by spinning up a new American joint venture

TikTok may have found a way to stay online in the US. The company announced late last week that it has set up a joint venture backed largely by US investors. TikTok announced T ikTok USDS Joint Venture LLC on Friday in a deal valued at about $14 billion , allowing it to continue operating in the...

5.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/01/26 1:31 p.m.9 views

One privacy change I made for 2026 (Lock and Code S07E02)

This week on the Lock and Code podcast … When you hear the words "data privacy," what do you first imagine? Maybe you picture going into your social media apps and setting your profile and posts to private. Maybe you think about who you've shared your location with and deciding to revoke some of...

5.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/01/12 9:4 p.m.9 views

Received an Instagram password reset email? Here’s what you need to know

Last week, many Instagram users began receiving unsolicited emails from the platform that warned about a password reset request. The message said: “Hi username, We got a request to reset your Instagram password. If you ignore this message, your password will not be changed. If you didn’t request ...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/01/12 1:0 p.m.9 views

Celebrating reviews and recognitions for Malwarebytes in 2025

Independent recognition matters in cybersecurity, and it matters a lot to us. It shows how security products perform when they’re tested against in-the-wild threats, using lab environments designed to reflect what people actually face in the real world. In 2025, Malwarebytes earned awards and...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/01/09 3:41 p.m.9 views

pcTattletale founder pleads guilty as US cracks down on stalkerware

Reportedly, pcTattletale founder Bryan Fleming has pleaded guilty in US federal court to computer hacking, unlawfully selling and advertising spyware, and conspiracy. This is good news not just because we despise stalkerware like pcTattletale, but because it is only the second US federal...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/01/08 10:36 a.m.9 views

Fake WinRAR downloads hide malware behind a real installer

A member of our web research team pointed me to a fake WinRAR installer that was linked from various Chinese websites. When these links start to show up, that’s usually a good indicator of a new campaign. So, I downloaded the file and started an analysis, which turned out to be something of a...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/12/29 8:2 a.m.9 views

A week in security (December 22 – December 28)

Last week on Malwarebytes Labs: Pornhub tells users to expect sextortion emails after data exposure Hacktivists claim near-total Spotify music scrape Stay safe! We don 't just report on threats—we help safeguard your entire digital identity Cybersecurity risks should never spread beyond a headlin...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/12/19 1:56 p.m.9 views

CISA warns ASUS Live Update backdoor is still exploitable, seven years on

Recently, the Cybersecurity and Infrastructure Security Agency CISA added along with two others a vulnerability in ASUS Live Update to its catalog of Known Exploited Vulnerabilities KEV. The KEV catalog lists vulnerabilities that are known to be exploited in the wild and sets patch deadlines for...

9.8CVSS7AI score0.01084EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2025/12/16 11:10 a.m.9 views

Google is discontinuing its dark web report: why it matters

Google has announced that early next year they are discontinuing the dark web report, which was meant to monitor breach data that’s circulating on the dark web. The news raised some eyebrows, but Google says it’s ending the feature because feedback showed the reports didn’t provide “helpful next...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/12/15 1:41 p.m.9 views

PayPal closes loophole that let scammers send real emails with fake purchase notices

After an investigation by BleepingComputer, PayPal closed a loophole that allowed scammers to send emails from the legitimate [email protected] email address. Following reports from people who received emails claiming an automatic payment had been cancelled, BleepingComputer found that...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/12/11 1:40 p.m.9 views

Malwarebytes for Mac now has smarter, deeper scans

Say hello to the upgraded Malwarebytes for Mac —now with more robust protection, more control, and the same trusted defense you count on every day. We’ve given our Mac scan engine a serious intelligence boost, so it thinks faster and digs deeper. The new enhanced scan searches across more of your...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/12/11 11:58 a.m.9 views

[Updated] Another Chrome zero-day under attack: update now

Google issued an extra patch for a security vulnerability in Chrome that is being actively exploited, and it's urging users to update. The patch fixes three flaws in Chrome, and for one of them Google says an exploit already exists in the wild. Chrome is by far the world’s most popular browser,...

9.8CVSS7.9AI score0.22721EPSS
Exploits22
Malwarebytes
Malwarebytes
added 2025/12/02 5:49 p.m.9 views

“Sleeper” browser extensions woke up as spyware on 4 million devices

Researchers have unraveled a malware campaign that really did play the long game. After seven years of behaving normally, a set of browser extensions installed on roughly 4.3 million Chrome and Edge users’ devices suddenly went rogue. Now they can track what you browse and run malicious code insi...

7.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/12/02 2:18 p.m.9 views

Whispering poetry at AI can make it break its own rules

Most of the big AI makers don't like people using their models for unsavory activity. Ask one of the mainstream AI models how to make a bomb or create nerve gas and you'll get the standard "I don't help people do harmful things" response. That has spawned a cat-and-mouse game of people who try to...

7.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/11/27 2:40 p.m.9 views

Millions at risk after nationwide CodeRED alert system outage and data breach

A nationwide cyberattack against the OnSolve CodeRED emergency notifications system has prompted cities and counties across the US to warn residents and advise them to change their passwords. CodeRED is used by local governments to deliver fast, targeted alerts during severe weather, evacuations,...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/11/24 5:36 p.m.9 views

Black Friday scammers offer fake gifts from big-name brands to empty bank accounts

Black Friday is supposed to be chaotic, sure, but not this chaotic. While monitoring malvertising patterns ahead of the holiday rush, I uncovered one of the most widespread and polished Black Friday scam campaigns circulating online right now. It’s not a niche problem. Our own research shows that...

6.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/11/20 1:50 p.m.9 views

Holiday scams 2025: These common shopping habits make you the easiest target

Every year, shoppers get faster, savvier, and more mobile. We compare prices on the go, download apps for coupons, and jump on deals before they disappear. But during deal-heavy periods like Black Friday, Cyber Monday, and the December shopping rush, convenience can work against us. Quick...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/11/17 5:18 p.m.9 views

The price of ChatGPT’s erotic chat? $20/month and your identity

To talk dirty to ChatGPT, you may soon have to show it your driver’s license. OpenAI announced last month that ChatGPT will soon offer erotica—but only for verified adults. That sounds like a clever guardrail until you realize what “verified” might mean: uploading government identification to a...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/11/14 4:30 p.m.9 views

Be careful responding to unexpected job interviews

One of our customers was contacted on LinkedIn about a job offer. The initial message was followed up by an email: “Thank you for your interest in the Senior Construction Manager position at company. After reviewing your background, we were impressed with your experience and would like to invite...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/11/11 1:17 p.m.9 views

How credentials get stolen in seconds, even with a script-kiddie-level phish

This attempt to phish credentials caught our attention, mostly because of its front-end simplicity. Even though this is a script-kiddie-level type of attack, we figured it was worth writing up—precisely because it’s so easy to follow what they're up to. The email is direct and to the point. Not a...

7.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/11/11 12:35 p.m.9 views

Stolen iPhones are locked tight, until scammers phish your Apple ID credentials

One of the reassuring things about owning an iPhone was knowing you could lock it if it got lost or stolen. Without your passcode, fingerprint or face to unlock it, it would be useless to anyone else. Now, though, some phone thieves have found a workaround, not by breaking Apple's security, but b...

6.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/11/03 4:1 p.m.9 views

Attack of the clones: Fake ChatGPT apps are everywhere

The mobile AI gold rush has flooded app stores with lookalikes—shiny, convincing apps promising “AI image generation,” “smart chat,” or “instant productivity.” But behind the flashy logos lurks a spectrum of fake apps, from harmless copycats to outright spyware. Spoofing trusted brands like...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/10/29 1:48 p.m.9 views

Atlas browser’s Omnibox opens up new privacy and security risks

It seems that with every new agentic browser we discover yet another way to abuse one. OpenAI recently introduced a ChatGPT based AI browser called Atlas. It didn’t take researchers long to find that the combined search and prompt bar—called the Omnibox—can be exploited. By pasting a specially...

7.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/10/20 7:3 a.m.9 views

A week in security (October 13 – October 19)

Last week on Malwarebytes Labs: Prosper data breach puts 17 million people at risk of identity theft Under the engineering hood: Why Malwarebytes chose WordPress as its CMS Video call app Huddle01 exposed 600K+ user logs Mango discloses data breach at third-party provider Roku accused of selling...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/10/17 8:10 a.m.9 views

Under the engineering hood: Why Malwarebytes chose WordPress as its CMS

It might surprise some that a security company would choose WordPress as the backbone of its digital content operations. After all, WordPress is often associated with open-source plugins, community themes, and a wide range of deployment practices—some stronger than others. But that perception...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/10/13 10:39 p.m.9 views

Phishing scams exploit New York’s inflation refund program

A warning from the New York State on their website informs visitors that: “Scammers are calling, mailing, and texting taxpayers about income tax refunds, including the inflation refund check.” Here's the warning on the website: We can confirm that several phishing campaigns are exploiting a...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/10/06 2:49 p.m.9 views

What’s there to save about social media? (Lock and Code S06E20)

This week on the Lock and Code podcast … "Connection" was the promise—and goal—of much of the early internet. No longer would people be separated from vital resources and news that was either too hard to reach or made simply inaccessible by governments. No longer would education be guarded behind...

6.7AI score
Exploits0
Total number of security vulnerabilities4706