Criminals are using AI website builders to clone major brands
AI tool Vercel was abused by cybercriminals to create a Malwarebytes lookalike website. Cybercriminals no longer need design or coding skills to create a convincing fake brand site. All they need is a domain name and an AI website builder. In minutes, they can clone a site's look and feel, plug i...
Malwarebytes earns PCMag Best Tech Brand spot, scores 100% with MRG Effitas
Malwarebytes is on a roll. Recently named one of PCMag's “Best Tech Brands for 2026,” Malwarebytes also scored 100% on the first-ever MRG Effitas consumer security product test, cementing the fact that we are loved by users and trusted by experts. But don’t take our word for it. As PCMag Principa...
Discord will limit profiles to teen-appropriate mode until you verify your age
Discord announced it will put all existing and new profiles in teen-appropriate mode by default in early March. The teen-appropriate profile mode will remain in place until users prove they are adults. To change a profile to “full access” will require verification by Discord’s age inference model...
Fake 7-Zip downloads are turning home PCs into proxy nodes
A convincing lookalike of the popular 7-Zip archiver site has been serving a trojanized installer that silently converts victims’ machines into residential proxy nodes—and it has been hiding in plain sight for some time. “I’m so sick to my stomach” A PC builder recently turned to Reddit’s...
Firefox is giving users the AI off switch
Some software providers have decided to lead by example and offer users a choice about the Artificial Intelligence (AI) features built into their products. The latest example is Mozilla, which now offers users a one-click option to disable generative AI features in the Firefox browser. Audiences ar...
An AI plush toy exposed thousands of private chats with children
Bondu’s AI plush toy exposed a web console that let anyone with a Gmail account read about 50,000 private chats between children and their cuddly toys. Bondu's toy is marketed as: “A soft, cuddly toy powered by AI that can chat, teach, and play with your child.” What it doesn’t say is that anyone...
Apple’s new iOS setting addresses a hidden layer of location tracking
Most iPhone owners have hopefully learned to manage app permissions by now, including allowing location access. But there's another layer of location tracking that operates outside these controls. Your cellular carrier has been collecting your location data all along, and until now, there was...
TikTok’s privacy update mentions immigration status. Here’s why.
In 2026, could any five words be more chilling than “We’re changing our privacy terms?” The timing could not have been worse for TikTok US when it sent millions of US users a mandatory privacy pop-up on January 22. The message forced users to accept updated terms if they wanted to keep using the...
Meta confirms it’s working on premium subscription for its apps
Meta plans to test exclusive features that will be incorporated in paid versions of Facebook, Instagram, and WhatsApp. It confirmed these plans to TechCrunch. But these plans are not to be confused with the ad-free subscription options that Meta introduced for Facebook and Instagram in the EU, th...
Google will pay $8.25m to settle child data-tracking allegations
Google has settled yet another class-action lawsuit accusing it of collecting children’s data and using it to target them with advertising. The tech giant will pay $8.25 million to address allegations that it tracked data on apps specifically designated for kids. AdMob's mobile data collection Th...
Phishing scammers are posting fake “account restricted” comments on LinkedIn
Recently, fake LinkedIn profiles have started posting comment replies claiming that a user has "engaged in activities that are not in compliance" with LinkedIn's policies and that their account has been "temporarily restricted" until they submit an appeal through a specified link in the comment...
How real software downloads can hide remote backdoors
It starts with a simple search. You need to set up remote access to a colleague’s computer. You do a Google search for “RustDesk download,” click one of the top results, and land on a polished website with documentation, downloads, and familiar branding. You install the software, launch it, and...
Data broker fined after selling Alzheimer’s patient info and millions of sensitive profiles
California's privacy regulator has fined a Texas data broker $45,000 and banned it from selling Californians' personal information after it sold Alzheimer patients' data. Texan company Rickenbacher Data LLC, which does business as Datamasters, bought and resold the names, addresses, phone numbers...
Why iPhone users should update and restart their devices now
If you were still questioning whether iOS 26+ is for you, now is the time to make that call. Why? On December 12, 2025, Apple patched two WebKit zero‑day vulnerabilities linked to mercenary spyware and is now effectively pushing iPhone 11 and newer users toward iOS 26+, because that’s where the...
Enshittification is ruining everything online (Lock and Code S07E01)
This week on the Lock and Code podcast … There's a bizarre thing happening online right now where everything is getting worse. Your Google results have become so bad that you’ve likely typed what you’re looking for, plus the word “Reddit,” so you can find discussion from actual humans. If you...
Are we ready for ChatGPT Health?
How comfortable are you with sharing your medical history with an AI? I’m certainly not. OpenAI’s announcement about its new ChatGPT Health program prompted discussions about data privacy and how the company plans to keep the information users submit safe. ChatGPT Health is a dedicated “health...
CISA warns of active attacks on HPE OneView and legacy PowerPoint
The US Cybersecurity and Infrastructure Security Agency (CISA) added both a newly discovered flaw and a much older one to its catalog of Known Exploited Vulnerabilities (KEV). The KEV catalog gives Federal Civilian Executive Branch (FCEB) agencies a list of vulnerabilities that are known to be exploite...
One million customers on alert as extortion group claims massive Brightspeed data haul
US fiber broadband company Brightspeed is investigating claims by the Crimson Collective extortion group that it stole sensitive data belonging to more than 1 million residential customers, including extensive personally identifiable information (PII), as well as account and billing details...
A week in security (December 29 – January 4)
Last week on Malwarebytes Labs: How AI made scams more convincing in 2025 In 2025, age checks started locking people out of the internet 2025 exposed the risks we ignored while rushing AI Malware in 2025 spread far beyond Windows PCs Stay safe! We don't just report on privacy—we offer you the...
In 2025, age checks started locking people out of the internet
If 2024 was the year lawmakers talked about online age verification, 2025 was the year they actually flipped the switch. In 2025, across parts of Europe and the US, age checks for certain websites (especially pornography) turned long‑running child‑protection debates into real‑world access controls...
2025 exposed the risks we ignored while rushing AI
This blog is part of a series where we highlight new or fast-evolving threats in the consumer security landscape. This one looks at how the rapid rise of Artificial Intelligence (AI) is putting users at risk. In 2025 we saw an ever-accelerating race between AI providers to push out new features. We...
CISA warns ASUS Live Update backdoor is still exploitable, seven years on
Recently, the Cybersecurity and Infrastructure Security Agency (CISA) added (along with two others) a vulnerability in ASUS Live Update to its catalog of Known Exploited Vulnerabilities (KEV). The KEV catalog lists vulnerabilities that are known to be exploited in the wild and sets patch deadlines for...
Photo booth flaw exposes people’s private pictures online
Photo booths are great. You press a button and get instant results. The same can’t be said, allegedly, for the security practices of at least one company operating them. A security researcher spent weeks trying to warn a photo booth operator about a vulnerability in its system. The flaw reportedl...
PayPal closes loophole that let scammers send real emails with fake purchase notices
After an investigation by BleepingComputer, PayPal closed a loophole that allowed scammers to send emails from the legitimate [email protected] email address. Following reports from people who received emails claiming an automatic payment had been cancelled, BleepingComputer found that...
Prompt injection is a problem that may never be fixed, warns NCSC
Prompt injection is shaping up to be one of the most stubborn problems in AI security, and the UK’s National Cyber Security Centre (NCSC) has warned that it may never be “fixed” in the way SQL injection was. Two years ago, the NCSC said prompt injection might turn out to be the “SQL injection of th...
How phishers hide banking scams behind free Cloudflare Pages
During a recent investigation, we uncovered a phishing operation that combines free hosting on developer platforms with compromised legitimate websites to build convincing banking and insurance login portals. These fake pages don't just grab a username and password–they also ask for answers to...
Scammers harvesting Facebook photos to stage fake kidnappings, warns FBI
The FBI has warned about a new type of scam where your Facebook pictures are harvested to act as “proof-of-life” pictures in a virtual kidnapping. The scammers pretend they have kidnapped somebody and contact friends and next of kin to demand a ransom for their release. While the alleged victim i...
A week in security (December 1 – December 7)
Last week on Malwarebytes Labs: Leaks show Intellexa burning zero-days to keep Predator spyware running How scammers use fake insurance texts to steal your identity Canadian police trialing facial recognition bodycams Update Chrome now: Google fixes 13 security issues affecting billions Attackers...
Air fryer app caught asking for voice data (re-air) (Lock and Code S06E24)
This week on the Lock and Code podcast … It's often said online that if a product is free, you're the product, but what if that bargain was no longer true? What if, depending on the device you paid hard-earned money for, you still became a product yourself, to be measured, anonymized, collated,...
Whispering poetry at AI can make it break its own rules
Most of the big AI makers don't like people using their models for unsavory activity. Ask one of the mainstream AI models how to make a bomb or create nerve gas and you'll get the standard "I don't help people do harmful things" response. That has spawned a cat-and-mouse game of people who try to...
New Android malware lets criminals control your phone and drain your bank account
Albiriox is a new family of Android banking malware that gives attackers live remote control over infected phones, letting them quietly drain bank and crypto accounts during real sessions. Researchers have analyzed a new Android malware family called Albiriox which is showing signs of developing...
Millions at risk after nationwide CodeRED alert system outage and data breach
A nationwide cyberattack against the OnSolve CodeRED emergency notifications system has prompted cities and counties across the US to warn residents and advise them to change their passwords. CodeRED is used by local governments to deliver fast, targeted alerts during severe weather, evacuations,...
AI teddy bear for kids responds with sexual content and advice about weapons
In testing, FoloToy’s AI teddy bear jumped from friendly chat to sexual topics and unsafe household advice. It shows how easily artificial intelligence can cross serious boundaries. It’s a fair moment to ask whether AI-powered stuffed animals are appropriate for children. It’s easy to get swept u...
Holiday scams 2025: These common shopping habits make you the easiest target
Every year, shoppers get faster, savvier, and more mobile. We compare prices on the go, download apps for coupons, and jump on deals before they disappear. But during deal-heavy periods like Black Friday, Cyber Monday, and the December shopping rush, convenience can work against us. Quick...
Sharenting: are you leaving your kids’ digital footprints for scammers to find?
Let’s be real: the online world is a huge part of our kids’ lives these days. From the time they’re tiny, we share photos, moments, and milestones online—proud parent stuff! Schools, friends, and family all get involved too. Before we know it, our kids have a whole digital history they didn’t eve...
Chrome zero-day under active attack: visiting the wrong site could hijack your browser
Google has released an update for its Chrome browser that includes two security fixes. Both are classified as high severity, and one is reportedly exploited in the wild. These flaws were found in Chrome’s V8 engine, which is the part of Chrome and other Chromium-based browsers that runs JavaScrip...
Your coworker is tired of AI “workslop” (Lock and Code S06E23)
This week on the Lock and Code podcast … Everything's easier with AI… except having to correct it. In just the three years since OpenAI released ChatGPT, not only has online life changed at home—it's also changed at work. Some of the biggest software companies today, like Microsoft and Google, ar...
A week in security (November 10 – November 16)
Last week on Malwarebytes Labs: Be careful responding to unexpected job interviews Your passport, now on your iPhone. Helpful or risky? 1 million victims, 17,500 fake sites: Google takes on toll-fee scammers Are you paying more than other people? NY cracks down on surveillance pricing We opened a...
Sling TV turned privacy into a game you weren’t meant to win
Streaming service Sling TV has settled with the California Attorney General over allegations that it blocked users from exercising their privacy rights. The company will pay $530,000 after being accused of making it difficult for customers to opt out of its data collection practices. The Californ...
Malwarebytes aces PCMag Readers’ Choice Awards and AVLab Cybersecurity Foundation tests
Malwarebytes proudly topped three categories in PCMag’s 2025 Readers’ Choice Awards, recognized for exceptional protection and user satisfaction. We also earned the latest badge from AVLab Cybersecurity Foundation’s September “Advanced In-The-Wild Malware Test” by blocking 100% of malware samples...
How scammers use your data to create personalized tricks that work
Think of your digital footprint as your online shadow—the trail you leave behind whenever you browse, post, shop, or even appear in someone’s contact list. It’s your likes, reviews, comments, and all the little traces you didn’t mean to share. Together, they paint a picture of you—one that friend...
NSFW ChatGPT? OpenAI plans “grown-up mode” for verified adults
If you've had your fill of philosophical discussions with ChatGPT, CEO Sam Altman has news for you: the service will soon be able to engage in far less highbrow conversations of the sexual kind. That's right—sexting is coming to ChatGPT. Are we really surprised? It marks a change in sentiment for...
How to set up two factor authentication (2FA) on your Instagram account
Two-factor authentication (2FA) isn't foolproof, but it is one of the best ways to protect your accounts from hackers. It adds a small extra step when logging in, but that extra effort pays off. Instagram’s 2FA requires an additional code whenever you try to log in from an unrecognized device or...
Phishing scam uses fake death notices to trick LastPass users
LastPass has alerted users about a new phishing attack that claims the recipient has died. According to the message, a family member has submitted a death certificate to gain access to the recipient’s password vault. A link in the phishing email, supposedly to stop the request, leads to a fake pa...
A week in security (October 20 – October 26)
Last week on Malwarebytes Labs: Is AI moving faster than its safety net? Thousands of online stores at risk as SessionReaper attacks spread Apple may have to open its walled garden to outside app stores Meta boosts scam protection on WhatsApp and Messenger Home Depot Halloween phish gives users a...
Meta boosts scam protection on WhatsApp and Messenger
Vulnerable Facebook Messenger and WhatsApp users are getting more protection thanks to a move from the applications' owner, Meta. The company has announced more safeguards to protect users (especially the elderly) from scammers. The social media, publishing, and VR giant has added a new warning on...
Zero-click Dolby audio bug lets attackers run code on Android and Windows devices
Researchers from Google’s Project Zero discovered a medium-severity remote code execution (RCE) vulnerability that affects multiple platforms, including Android (Samsung and Pixel devices) and Windows. Remote code execution means an attacker could run programs on your device without your permission...
Windows update breaks USB support in recovery mode
We usually tell our faithful readers to install updates as soon as possible, but this time there’s an exception. Microsoft’s October security update has disabled USB mice and keyboards in the Windows Recovery Environment (WinRE). WinRE is a special mode built into Windows that helps you fix problem...
You can poison AI with just 250 dodgy documents
Researchers have shown how you can corrupt an AI and make it talk gibberish by tampering with just 250 documents. The attack, which involves poisoning the data that an AI trains on, is the latest in a long line of research that has uncovered vulnerabilities in AI models. Anthropic which produces...
What does Google know about me? (Lock and Code S06E21)
This week on the Lock and Code podcast … Google is everywhere in our lives. Its reach into our data extends just as far. After investigating how much data Facebook had collected about him in his nearly 20 years with the platform, Lock and Code host David Ruiz had similar questions about the othe...