What does Google know about me? (Lock and Code S06E21)

This week on the Lock and Code podcast … Google is everywhere in our lives. It's reach into our data extends just as far. After investigating how much data Facebook had collected about him in his nearly 20 years with the platform, Lock and Code host David Ruiz had similar questions about the othe...

Prosper data breach puts 17 million people at risk of identity theft

Peer-to-peer lending marketplace Prosper detected unauthorized activity on their systems on September 2, 2025. It published an FAQ page later that month to address the incident. During the incident, the attacker stole personal information belonging to Prosper customers and loan applicants. As...

Satellites leak voice calls, text messages and more

Scientists from several US universities intercepted unencrypted broadcast through geostationary satellites using only off-the-shelf equipment on a university rooftop. Geostationary satellites move at the same speed as the Earth’s rotation so it seems as though they are always above the same exact...

Phishing scams exploit New York’s inflation refund program

A warning from the New York State on their website informs visitors that: “Scammers are calling, mailing, and texting taxpayers about income tax refunds, including the inflation refund check.” Here's the warning on the website: We can confirm that several phishing campaigns are exploiting a...

Millions of (very) private chats exposed by two AI companion apps

Cybernews discovered how two AI companion apps, Chattee Chat and GiMe Chat, exposed millions of intimate conversations from over 400,000 users. This is not the first time we have to write about AI "girlfriends" exposing their secrets—and it probably won't be the last. This latest incident is a...

What’s there to save about social media? (Lock and Code S06E20)

This week on the Lock and Code podcast … "Connection" was the promise—and goal—of much of the early internet. No longer would people be separated from vital resources and news that was either too hard to reach or made simply inaccessible by governments. No longer would education be guarded behind...

Scam Facebook groups send malicious Android malware to seniors

An infostealer and banking Trojan rolled into one is making the rounds in Facebook groups aimed at "active seniors". Attackers used social engineering methods to lure targets into joining fake Facebook groups that appeared to promote travel and community activities—such as trips, dance classes, a...

Google and Flo to pay $56 million after misusing users’ health data

Popular period-tracking app Flo Health shared users’ intimate health data—such as menstrual cycles and fertility information—with Google and Meta, allegedly for targeted advertising purposes, according to multiple class-action lawsuits filed in the US and Canada. Between 2016 and 2019, the...

LinkedIn will use your data to train its AI unless you opt out now

LinkedIn plans to share user data with Microsoft and its affiliates for AI training. Framed as "legitimate interest", it won't ask for your permission—instead you'll have to opt out before the deadline. Microsoft has made major investments in ChatGPT’s creator OpenAI, and as we know, the more dat...

Fake Malwarebytes, LastPass, and others on GitHub serve malware

Fake versions of legitimate software are currently circulating on GitHub pages, in a large-scale campaign targeting Mac users. Unfortunately, Malwarebytes for Mac is one of them. Impersonating brands is sadly commonplace, as scammers take advantage of established brand names to target their...

224 malicious apps removed from the Google Play Store after ad fraud campaign discovered

Researchers have discovered a large ad fraud campaign on Google Play Store. The Satori Threat Intelligence and Research team found 224 malicious apps which were downloaded over 38 million times and generated up to 2.3 billion ad requests per day. They named the campaign "SlopAds." Ad fraud is a...

Airline data broker selling 5 billion passenger records to US government

We already knew that the US airline industry gave the government access to passenger records. However, this week it emerged that at least five billion passenger records are being sold to government agencies via a searchable database—far more than was initially believed. A few weeks ago,...

Update your Apple devices to fix dozens of vulnerabilities

Apple has released security updates for iPhones, iPads, Apple Watches, Apple TVs, and Macs as well as for Safari, and Xcode to fix dozens of vulnerabilities which could give cybercriminals access to sensitive data. How to update your devices How to update your iPhone or iPad For iOS and iPadOS...

Meta ignored child sex abuse in VR, say whistleblowers

Two former employees at Meta testified against the company at a Senate hearing this week, accusing it of downplaying the dangers of child abuse in its virtual reality VR environment. The whistleblowers say they saw incidents where children were asked for sex acts and nude photos in Facebook's VR...

When AI chatbots leak and how it happens

In a recent article on Cybernews there were two clear signs of how fast the world of AI chatbots is growing. A company I had never even heard of had over 150 million app downloads across its portfolio, and it also had an exposed unprotected Elasticsearch instance. This needs a bit of an...

Fake Bureau of Motor Vehicles texts are after your personal and banking details

Scammers are sending out texts that claim to be from the Bureau of Motor Vehicles BMV, saying that you have outstanding traffic tickets. Here's an example, which was sent to one of our employees. “Ohio BMV Final Notice: Enforcement Begins September 10nd. Our records indicate that as of today, you...

‘Astronaut-in-distress’ romance scammer steals money from elderly woman

A Japanese octogenarian from Hokkaido Island lost thousands of dollars after being scammed by someone who described himself as a desperate astronaut in need of help. According to Hokkaidō Broadcasting, police in Sapporo say the fraudster contacted the woman on social media in July. After several...

TP-Link warns of botnet infecting routers and targeting Microsoft 365 accounts

TP-Link has issued a warning about a botnet exploiting two vulnerabilities to infect small office/home SOHO routers, which are then weaponized to attack Microsoft 365 accounts. The vulnerabilities affect the Archer C7 and TL-WR841N/ND routers, though other models may also be at risk. Despite the...

Why you should upgrade to Windows 11 now, and how to do it

I know many of us loved Windows XP and Windows 7 almost as much as we dislike Windows 10 and 11, but if you want to stay secure on Windows, the time to bite the bullet is closing in fast. Support for Windows 10 will end on October 14, 2025, which means the only Windows version that will continue ...

PayPal users targeted in account profile scam

A co-worker forwarded this rather convincing PayPal scam to me. Thanks Elena. A highly sophisticated email scam is targeting PayPal users with the subject line of "Set up your account profile." We decided to see what the scammers are after. First thing to do is to look at the headers: The sender...

WhatsApp fixes vulnerability used in zero-click attacks

WhatsApp says it has issued an update to patch a vulnerability that has been used in conjunction with an Apple vulnerability to target specific users and compromise their devices. Reportedly, attackers used this exploit against dozens of WhatsApp users, and WhatsApp has notified those affected:...

Claude AI chatbot abused to launch “cybercrime spree”

Anthropic—the company behind the widely renowned coding chatbot, Claude—says it uncovered a large-scale extortion operation in which cybercriminals abused Claude to automate and orchestrate sophisticated attacks. The company issued a Threat Intelligence report in which it describes several...

How a scam hunter got scammed (Lock and Code S06E17)

This week on the Lock and Code podcast… If there’s one thing that scam hunter Julie-Anne Kearns wants everyone to know, it is that no one is immune from a scam. And she would know—she fell for one last year. For years now, Kearns has made a name for herself on TikTok as a scam awareness and...

All Apple users should update after company patches zero-day vulnerability in all platforms

Apple has released security updates for iPhones, iPads and Macs to fix a zero-day vulnerability a vulnerability which Apple was previously unaware of that is reportedly being used in targeted attacks. The updates cover: iOS 18.6.2 and iPadOS 18.6.2 iPhone XS and later, iPad Pro 13-inch, iPad Pro...

National Public Data returns after massive Social Security Number leak

Remember that data broker nobody had ever heard of, but managed to leak a database which contained the data of some 2.9 billion people? It's back, and this time with a search function. National Public Data suffered an alleged breach in 2024 against a data base that, it turned out, carried 272...

Adult sites trick users into Liking Facebook posts using a clickjack Trojan

As the use of age verification to access adult websites increases in various countries around the world, shady websites with adult content have started a timely malware-fueled campaign to promote links to their own websites. During our daily rounds on Facebook, looking for the latest scams, we...

That seemingly innocent text is probably a scam

A special thanks to all the people at Malwarebytes and ThreatDown for sharing the text messages they received from scammers. Many of us have received texts like these. Often super short, some flirty, some with a business tone, or sometimes just a simple ‘hello.’ You don't know the sender, and the...

VPN use rises following Online Safety Act’s age verification controls

As the UK's Online Safety Act came into effect on Friday—along with its age verification controls—the use of virtual private network VPN services has skyrocketed by up to 20-fold across the region. Top10VPN, which monitors VPN traffic around the world, spotted UK VPN traffic spiking 1,327% on Jul...

A week in security (July 21 – July 27)

A list of topics we covered in the week of July 21 to July 27 of 2025 Last week on Malwarebytes Labs: Steam games abused to deliver malware once again Watch out: Instagram users targeted in novel phishing campaign Age verification: Child protection or privacy risk? iPhone vs. Android: iPhone user...

A week in security (July 14 – July 20)

Last week on Malwarebytes Labs: Meta execs pay the pain away with $8 billion privacy settlement Adoption agency leaks over a million records Meta AI chatbot bug could have allowed anyone to see private conversations WeTransfer walks back clause that said it would train AI on your files Chrome fix...

Chrome fixes 6 security vulnerabilities. Get the update now!

Google has released an update for its Chrome browser to patch six security vulnerabilities, including one zero-day. This update is crucial since it addresses one actively exploited vulnerability which can be abused when the user visits a malicious website. It doesn’t require any further user...

Free certificates for IP addresses: security problem or solution?

Let’s Encrypt has announced its issued its first certificate for an IP address. Why that’s significant deserves a little explanation. You may have run into Let’s Encrypt certificates many times without realizing it. When you see a padlock icon in your browser’s address bar, it means the site is...

Gamers hacked playing Call of Duty: WWII—PC version temporarily taken offline

On Saturday, the Call of Duty team announced that the PC version of Call of Duty: WWII has been taken offline following "reports of an issue." That issue seems to be a serious security problem, after reports surfaced about a remote code execution RCE vulnerability in the game. After Microsoft’s...

Drug cartel hacked cameras and phones to spy on FBI and identify witnesses

The "El Chapo" Mexican drug cartel snooped on FBI personnel through hacked cameras, and listened in on their phone calls to identify and kill potential witnesses, the US Department of Justice has said. And seven years on, the Bureau's defenses against this kind of surveillance are still inadequat...

Bluetooth vulnerability in audio devices can be exploited to spy on users

Researchers have found vulnerabilities in 29 Bluetooth devices like speakers, earbuds, headphones, and wireless microphones from reputable companies including Sony, Bose, and JBL. The vulnerabilities could be exploited to spy on users, and even steal information from the device. The researchers w...

Facebook wants to look at your entire camera roll for “AI restyling” suggestions, and more

Facebook's pursuit of your personal data continues apace, and now it has a new target: photos on your phone that you haven't shared with it yet. Techcrunch reports that the social media giant is now asking its users to peek at the photos on their phones' camera rolls. In return it will give them...

Sextortion email scammers increase their “Hello pervert” money demands

Every so often the sextortion emails that start with “Hello pervert” get a redesign. You may have received one yourself: The emails claim that the sender has been watching your online behavior and caught you red-handed doing activities that you would like to keep private. The email usually starts...

Billions of logins for Apple, Google, Facebook, Telegram, and more found exposed online

When organizations, good or bad, start hoarding collections of login credentials the numbers quickly add up. Take the 184 million logins for social media accounts we reported about recently. Now try to imagine 16 billion! Researchers at Cybernews have discovered 30 exposed datasets containing fro...

Mattel’s going to make AI-powered toys, kids’ rights advocates are worried

Toy company Mattel has announced a deal with OpenAI to create AI-powered toys, but digital rights advocates have urged caution. In a press release last week, the owner of the Barbie brand signed a "strategic collaboration" with the AI company, which owns ChatGPT. "By using OpenAI's technology,...

How and where to report an online scam

If you've been scammed it's really important to report it, if you can, in order to help prevent others falling for the same scam, and give authorities a chance to catch the criminal who did it. The methods in which to report a scam varies according to the country you're in, the platforms you're...

Lumma information stealer infrastructure disrupted

The US Department of Justice DOJ and Microsoft have disrupted the infrastructure of the Lumma information stealer infostealer. Lumma Stealer, also known as LummaC or LummaC2, first emerged in late 2022 and quickly established itself as one of the most prolific infostealers. Infostealers is the na...

Scammers are using AI to impersonate senior officials, warns FBI

The FBI has issued a warning about an ongoing malicious text and voice messaging campaign that impersonates senior US officials. The targets are predominantly current or former US federal or state government officials and their contacts. In the course of this campaign, the cybercriminals have use...

Google Chrome will use AI to block tech support scam websites

Google has expressed plans to use Artificial Intelligence AI to stop tech support scams in Chrome. With the launch of Chrome version 137, Google plans to use the on-device Gemini Nano large language model LLM to recognize and block tech support scams. Users already have the ability to chose...

Digital rampage saw ex-Disney employee remove nut allergy info from menus, dox co-workers, and more

A former Disney employee, Michael Scheuer, will serve three years in prison for computer fraud and aggravated identity theft after a digital sabotage campaign against his ex-employer. In addition to his sentence, he must pay nearly US$688,000 in restitution. Scheuer, a former menu production...

X users report login troubles as Dark Storm claims cyberattack

In the early morning hours of March 10, thousands of users on X formerly Twitter began having trouble logging into the platform. It was only the first service blip of at least three to come that same day and, if one cybercriminal group is to be believed, it was all on purpose. “Twitter has been...

A week in security (February 24 – March 2)

Last week on Malwarebytes Labs: Millions of stalkerware users exposed again PayPal’s "no-code checkout" abused by scammers Countries and companies are fighting at the expense of our data privacy Roblox called "real-life nightmare for children" as Roblox and Discord sued Android happy to check you...

Android happy to check your nudes before you forward them

Sometimes the updates we install to keep our devices safe do a little bit more than we might suspect at first glance. Take the October 2024 Android Security Bulletin. It included a new service called Android System SafetyCore. If you can find a mention of that in the security bulletin, you’re a...

Malwarebytes introduces native ARM support for Windows devices

For the last four years, Malwarebytes has been protecting ARM-based machines running on Apple’s M-series processors. Now, we’ve expanded our protection range to include ARM-based Windows machines such as Copilot+ PCs, including Microsoft Surface Pro, Lenovo Yoga Slim and ThinkPad, and Dell...

Google now allows digital fingerprinting of its users

In the ongoing saga that is Google’s struggle to replace tracking cookies, we have entered a new phase. But whether that’s good news is another matter. For years, Google has been saying it will phase out the third-party tracking cookies that power much of its advertising business online, proposin...

Small business owners, secure your web shop

An online shop is more than just another way to sell your products. It comes with a responsibility to keep the web shop secure. Cybercriminals are looking to steal your customers’ credit card details, their personal data, and even your revenue. And it’s not as if using a platform that is used by...