Lucene search
K
MalwarebytesMost viewed

4706 matches found

Malwarebytes
Malwarebytes
added 2025/12/23 12:28 p.m.8 views

Hacktivists claim near-total Spotify music scrape

Hacktivist group Anna’s Archive claims to have scraped almost all of Spotify’s catalog and is now seeding it via BitTorrent, effectively turning a streaming platform into a roughly 300 TB pirate “preservation archive.” On its blog, the group states: “A while ago, we discovered a way to scrape...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/12/22 8:7 a.m.8 views

A week in security (December 15 – December 21)

Last week on Malwarebytes Labs: CISA warns ASUS Live Update backdoor is still exploitable, seven years on The ghosts of WhatsApp: How GhostPairing hijacks accounts Chrome extension slurps up AI chats after users installed it for privacy Two Chrome flaws could be triggered by simply browsing the...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/12/17 4:2 p.m.8 views

Two Chrome flaws could be triggered by simply browsing the web: Update now

Google issued an extra patch addressing two security vulnerabilities in Chrome, both of which can be triggered remotely by an attacker when a user visits a specially crafted, malicious web page. Chrome is by far the world’s most popular browser, with an estimated 3.4 billion users. That makes it ...

8.8CVSS7.1AI score0.0281EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2025/12/16 5:4 p.m.8 views

SoundCloud, Pornhub, and 700Credit all reported data breaches, but the similarities end there

Comparing data breaches is like comparing apples and oranges. They differ on many levels. To news media, the size of the brand, how many users were impacted, and how it was done often dominate the headlines. For victims, what really matters is the type of information stolen. And for the...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/12/16 11:46 a.m.8 views

Photo booth flaw exposes people’s private pictures online

Photo booths are great. You press a button and get instant results. The same can’t be said, allegedly, for the security practices of at least one company operating them. A security researcher spent weeks trying to warn a photo booth operator about a vulnerability in its system. The flaw reportedl...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/12/12 10:25 a.m.8 views

How private is your VPN?

When you're shopping around for a Virtual Private Network VPN you'll find yourself in a sea of promises like "military-grade encryption!" and "total anonymity!" You can’t scroll two inches without someone waving around these fancy terms. But not all VPNs can be trusted. Some VPNs genuinely protec...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/12/09 1:34 p.m.8 views

Prompt injection is a problem that may never be fixed, warns NCSC

Prompt injection is shaping up to be one of the most stubborn problems in AI security, and the UK’s National Cyber Security Centre NCSC has warned that it may never be “fixed” in the way SQL injection was. Two years ago, the NCSC said prompt injection might turn out to be the “SQL injection of th...

8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/12/04 1:19 p.m.8 views

Canadian police trialing facial recognition bodycams

A municipal police force in Canada is now using facial recognition bodycams, it was revealed this week. The police service in the prairie city of Edmonton is trialing technology from US-based Axon, which makes products for the military and law enforcement. Up to 50 officers are taking part in the...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/11/20 9:30 p.m.8 views

Budget Samsung phones shipped with unremovable spyware, say researchers

A controversy over data-gathering software secretly installed on Samsung phones has erupted again after a new accusatory post appeared on X last week. In the post on the social media site, cybersecurity newsletter International Cyber Digest warned about a secretive application called AppCloud tha...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/11/20 1:48 p.m.8 views

[Correction] Gmail can read your emails and attachments to power “smart features”

Update November 22. We’ve updated this article after realising we contributed to a perfect storm of misunderstanding around a recent change in the wording and placement of Gmail's smart features. The settings themselves aren’t new, but the way Google recently rewrote and surfaced them led a lot o...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/11/19 10:30 a.m.8 views

Sharenting: are you leaving your kids’ digital footprints for scammers to find?

Let’s be real: the online world is a huge part of our kids’ lives these days. From the time they’re tiny, we share photos, moments, and milestones online—proud parent stuff! Schools, friends, and family all get involved too. Before we know it, our kids have a whole digital history they didn’t eve...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/11/18 6:9 p.m.8 views

Chrome zero-day under active attack: visiting the wrong site could hijack your browser

Google has released an update for its Chrome browser that includes two security fixes. Both are classified as high severity, and one is reportedly exploited in the wild. These flaws were found in Chrome’s V8 engine, which is the part of Chrome and other Chromium-based browsers that runs JavaScrip...

8.8CVSS7.8AI score0.04835EPSS
Exploits1
Malwarebytes
Malwarebytes
added 2025/11/17 3:44 p.m.8 views

Your coworker is tired of AI “workslop” (Lock and Code S06E23)

This week on the Lock and Code podcast … Everything's easier with AI… except having to correct it. In just the three years since OpenAI released ChatGPT, not only has onlife life changed at home—it's also changed at work. Some of the biggest software companies today, like Microsoft and Google, ar...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/11/17 8:2 a.m.8 views

A week in security (November 10 – November 16)

Last week on Malwarebytes Labs: Be careful responding to unexpected job interviews Your passport, now on your iPhone. Helpful or risky? 1 million victims, 17,500 fake sites: Google takes on toll-fee scammers Are you paying more than other people? NY cracks down on surveillance pricing We opened a...

6.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/11/13 12:51 p.m.8 views

Are you paying more than other people? NY cracks down on surveillance pricing

When you search for a product online, you might think you're getting the same price as everyone else. Think again. Your price might be different based on everything from your location to what you've looked at online. Companies often use algorithms to set their prices that rely heavily on customer...

6.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/11/06 10:29 a.m.8 views

Cyberattacks on UK water systems reveal rising risks to critical infrastructure

Digital intruders have been targeting UK drinking water systems in what seems to be a growing risk. Recorded Future News sent a request to the UK's Drinking Water Inspectorate DWI, the organization responsible for ensuring that drinking water is safe, for details on cyberattacks affecting the...

6.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/11/04 12:51 p.m.8 views

“Sneaky” new Android malware takes over your phone, hiding in fake news and ID apps

Researchers at Cyfirma have investigated Android Trojans capable of stealing sensitive data from compromised devices. The malware spreads by pretending to be trusted apps—like a news reader or even digital ID apps—tricking users into downloading it by accident. In reality, it’s Android-targeting...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/11/04 9:17 a.m.8 views

Sling TV turned privacy into a game you weren’t meant to win

Streaming service Sling TV has settled with the California Attorney General over allegations that it blocked users from exercising their privacy rights. The company will pay $530,000 after being accused of making it difficult for customers to opt out of its data collection practices. The Californ...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/11/03 3:30 p.m.8 views

Would you sext ChatGPT? (Lock and Code S06E22)

This week on the Lock and Code podcast … In the final, cold winter months of the year, ChatGPT could be heating up. On October 14, OpenAI CEO Sam Altman said that the "restrictions" that his company previously placed on their flagship product, ChatGPT, would be removed, allowing, perhaps, for...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/11/03 2:0 p.m.8 views

Malwarebytes aces PCMag Readers’ Choice Awards and AVLab Cybersecurity Foundation tests

Malwarebytes proudly topped three categories in PCMag’s 2025 Readers’ Choice Awards, recognized for exceptional protection and user satisfaction. We also earned the latest badge from AVLab Cybersecurity Foundation’s September “Advanced In-The-Wild Malware Test” by blocking 100% of malware samples...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/11/03 8:5 a.m.8 views

A week in security (October 27 – November 2)

Last week on Malwarebytes Labs: Update Chrome now: 20 security fixes just landed How scammers use your data to create personalized tricks that work Ransomware gang claims Conduent breach: what you should watch for next Fake PayPal invoice from Geek Squad is a tech support scam Atlas browser’s...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/10/30 3:30 p.m.8 views

How scammers use your data to create personalized tricks that work

Think of your digital footprint as your online shadow—the trail you leave behind whenever you browse, post, shop, or even appear in someone’s contact list. It’s your likes, reviews, comments, and all the little traces you didn’t mean to share. Together, they paint a picture of you—one that friend...

6.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/10/29 11:32 a.m.8 views

School’s AI system mistakes a bag of chips for a gun

An artificial intelligence AI detection system at Kenwood High School mistakenly flagged a student’s bag of potato chips as a gun, triggering a police response. The 16-year-old had finished eating a bag of Doritos and crumpled it up in his pocket when he was done. But the school’s AI-based gun...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/10/24 1:35 p.m.8 views

Is AI moving faster than its safety net?

You’ve probably noticed that artificial intelligence, or AI, has been everywhere lately—news, phones, apps, even in your browser. It seems like everything suddenly wants to be “powered by AI.“ If it’s not, it’s considered old school and boring. It’s easy to get swept up in the promise: smarter...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/10/22 12:0 p.m.8 views

Zero-click Dolby audio bug lets attackers run code on Android and Windows devices

Researchers from Google’s Project Zero discovered a medium-severity remote code execution RCE vulnerability that affects multiple platforms, including Android Samsung and Pixel devices and Windows. Remote code execution means an attacker could run programs on your device without your permission...

6.5CVSS8.6AI score0.01613EPSS
Exploits1
Malwarebytes
Malwarebytes
added 2025/10/20 2:26 p.m.8 views

What does Google know about me? (Lock and Code S06E21)

This week on the Lock and Code podcast … Google is everywhere in our lives. It's reach into our data extends just as far. After investigating how much data Facebook had collected about him in his nearly 20 years with the platform, Lock and Code host David Ruiz had similar questions about the othe...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/10/17 10:8 a.m.8 views

Prosper data breach puts 17 million people at risk of identity theft

Peer-to-peer lending marketplace Prosper detected unauthorized activity on their systems on September 2, 2025. It published an FAQ page later that month to address the incident. During the incident, the attacker stole personal information belonging to Prosper customers and loan applicants. As...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/10/14 12:45 p.m.8 views

AI-driven scams are preying on Gen Z’s digital lives​

Gone are the days when extortion was only the plot line of crime dramas—today, these threatening tactics target anyone with a smartphone. As AI makes fake voices and videos sound and look real, high-pressure plays like sextortion, deepfakes, and virtual kidnapping feel more believable than ever...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/10/10 11:32 a.m.8 views

Millions of (very) private chats exposed by two AI companion apps

Cybernews discovered how two AI companion apps, Chattee Chat and GiMe Chat, exposed millions of intimate conversations from over 400,000 users. This is not the first time we have to write about AI "girlfriends" exposing their secrets—and it probably won't be the last. This latest incident is a...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/09/26 4:38 p.m.8 views

Hackers threaten parents: Get nursery to pay ransom or we leak your child’s data

Just when you think extortionists can’t sink any lower, along comes a lowlife that manages to surprise you. The BBC reported that a group calling itself "Radiant" claims to have stolen sensitive data related to around 8,000 children from nursery chain Kido, which operates in the UK, US, China, an...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/09/23 9:18 a.m.8 views

Scammers are impersonating the FBI to steal your personal data

Been scammed? Hoping to report it to the FBI? Definitely do so, but be careful. Spoofed versions of the FBI's Internet Crime Complaint Center IC3 website are now circulating online, and they lead straight back to the scammers. The FBI issued an advisory last week, warning that cybercriminals are...

6.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/09/17 1:45 p.m.8 views

224 malicious apps removed from the Google Play Store after ad fraud campaign discovered

Researchers have discovered a large ad fraud campaign on Google Play Store. The Satori Threat Intelligence and Research team found 224 malicious apps which were downloaded over 38 million times and generated up to 2.3 billion ad requests per day. They named the campaign "SlopAds." Ad fraud is a...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/09/17 10:4 a.m.8 views

Airline data broker selling 5 billion passenger records to US government

We already knew that the US airline industry gave the government access to passenger records. However, this week it emerged that at least five billion passenger records are being sold to government agencies via a searchable database—far more than was initially believed. A few weeks ago,...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/09/16 10:20 a.m.8 views

“A dare, a challenge, a bit of fun:” Children are hacking their own schools’ systems, says study

As if ransomware wasn’t enough of a security problem for the sector, educational institutions also need to worry about their own students, a recent study shows. Last week, the UK Information Commissioner’s Office ICO published a report about the "insider threat of students". Here are a few key...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/09/16 10:17 a.m.8 views

Watch out for the “We are hiring” remote online evaluator message scam

Looking at our team’s recent text messages, you’d think that remote online evaluators are in high demand right now. Several members of our team have received the almost exact same job offer scam texts. The content of the messages is almost identical, but there is a variation in background images...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/09/11 9:49 p.m.8 views

Meta ignored child sex abuse in VR, say whistleblowers

Two former employees at Meta testified against the company at a Senate hearing this week, accusing it of downplaying the dangers of child abuse in its virtual reality VR environment. The whistleblowers say they saw incidents where children were asked for sex acts and nude photos in Facebook's VR...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/09/11 12:46 p.m.8 views

When AI chatbots leak and how it happens

In a recent article on Cybernews there were two clear signs of how fast the world of AI chatbots is growing. A company I had never even heard of had over 150 million app downloads across its portfolio, and it also had an exposed unprotected Elasticsearch instance. This needs a bit of an...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/09/11 12:41 p.m.8 views

Fake Bureau of Motor Vehicles texts are after your personal and banking details

Scammers are sending out texts that claim to be from the Bureau of Motor Vehicles BMV, saying that you have outstanding traffic tickets. Here's an example, which was sent to one of our employees. “Ohio BMV Final Notice: Enforcement Begins September 10nd. Our records indicate that as of today, you...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/09/09 7:24 p.m.8 views

Popeyes, Tim Hortons, Burger King platforms have “catastrophic” vulnerabilities, say hackers

Two ethical hackers say they have uncovered massive security vulnerabilities in the platforms hosted by Restaurant Brands International RBI. RBI is one of the world's largest quick service restaurant companies. It was formed in 2014 through a $12.5 billion merger of the American fast food chain...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/09/03 9:24 p.m.8 views

Update your Android! Google patches 111 vulnerabilities, 2 are critical

Google has patched 111 vulnerabilities in Android, including two critical flaws, in its September 2025 Android Security Bulletin. While the last few months have been quite calm regarding the number of vulnerabilities, this month is a real whopper with 111, compared to 6 in August and none in July...

8.8CVSS7.5AI score0.01345EPSS
Exploits9
Malwarebytes
Malwarebytes
added 2025/09/03 11:39 a.m.8 views

PayPal users targeted in account profile scam

A co-worker forwarded this rather convincing PayPal scam to me. Thanks Elena. A highly sophisticated email scam is targeting PayPal users with the subject line of "Set up your account profile." We decided to see what the scammers are after. First thing to do is to look at the headers: The sender...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/08/28 11:7 a.m.8 views

Claude AI chatbot abused to launch “cybercrime spree”

Anthropic—the company behind the widely renowned coding chatbot, Claude—says it uncovered a large-scale extortion operation in which cybercriminals abused Claude to automate and orchestrate sophisticated attacks. The company issued a Threat Intelligence report in which it describes several...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/08/21 12:4 p.m.8 views

All Apple users should update after company patches zero-day vulnerability in all platforms

Apple has released security updates for iPhones, iPads and Macs to fix a zero-day vulnerability a vulnerability which Apple was previously unaware of that is reportedly being used in targeted attacks. The updates cover: iOS 18.6.2 and iPadOS 18.6.2 iPhone XS and later, iPad Pro 13-inch, iPad Pro...

8.8CVSS7.1AI score0.19972EPSS
Exploits9
Malwarebytes
Malwarebytes
added 2025/08/15 4:46 p.m.8 views

National Public Data returns after massive Social Security Number leak

Remember that data broker nobody had ever heard of, but managed to leak a database which contained the data of some 2.9 billion people? It's back, and this time with a search function. National Public Data suffered an alleged breach in 2024 against a data base that, it turned out, carried 272...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/08/06 12:45 p.m.8 views

Perplexity AI ignores no-crawling rules on websites, crawls them anyway

Imagine putting up a no-trespassing sign for people walking their dogs, and then finding out that one person dresses up their Great Dane as a calf and walks it on your grounds. Well that's sort of what AI answer engine Perplexity has been doing, by evading the no-crawl directives of websites,...

6.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/08/05 11:1 a.m.8 views

Unexpected snail mail packages are being sent with scammy QR codes, warns FBI

Receiving an unexpected package in the post is not always a pleasant surprise. The FBI has warned the public about unsolicited packages containing a QR code which leads to a website aimed at stealing personal data or downloading malware to the victim's device. The packages are often shipped witho...

7.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/08/01 3:30 p.m.8 views

OpenAI kills “short-lived experiment” where ChatGPT chats could be found on Google

A little-known ChatGPT "feature" is now gone. It could be a good thing. On X, OpenAI Chief Information Security Officer Dane Stuckey announced that OpenAI "removed a feature from ChatGPT that allowed users to make their conversations discoverable by search engines, such as Google." Stuckey called...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/07/29 3:38 p.m.8 views

How the FBI got everything it wanted (re-air) (Lock and Code S06E15)

This week on the Lock and Code podcast… For decades, digital rights activists, technologists, and cybersecurity experts have worried about what would happen if the US government secretly broke into people’s encrypted communications. The weird thing, though, is that, in 2018, it already happened...

7.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/07/21 1:13 p.m.8 views

“Ring cameras hacked”? Amazon says no, users not so sure

In the last week, countless Amazon Ring users on TikTok, Reddit, and X have been saying they believe their Ring cameras were hacked starting May 28. Many posted screenshots of their accounts, showing multiple unauthorized device logins, making these claims hard to ignore. Forbes looked into the...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/07/17 12:36 p.m.8 views

Chrome fixes 6 security vulnerabilities. Get the update now!

Google has released an update for its Chrome browser to patch six security vulnerabilities, including one zero-day. This update is crucial since it addresses one actively exploited vulnerability which can be abused when the user visits a malicious website. It doesn’t require any further user...

8.8CVSS5.9AI score0.09185EPSS
Exploits0
Total number of security vulnerabilities4706