4706 matches found
How AI was used in an advanced phishing campaign targeting Gmail users
In May, 2024, the FBI warned about the increasing threat of cybercriminals using Artificial Intelligence AI in their scams. At the time, FBI Special Agent in Charge Robert Tripp said: “Attackers are leveraging AI to craft highly convincing voice or video messages and emails to enable fraud scheme...
Avery had credit card skimmer stuck on its site for months
The consequences of a wave of credit card skimmers—which is normal around the holidays—are starting to show. Label maker Avery has filed a data breach notification, saying 61,193 people may have had their credit card details stolen. On December 9, Avery said it became aware of an attack on its...
The new rules for AI and encrypted messaging, with Mallory Knodel (Lock and Code S06E01)
This week on the Lock and Code podcast … The era of artificial intelligence everything is here, and with it, come everyday surprises into exactly where the next AI tools might pop up. There are major corporations pushing customer support functions onto AI chatbots, Big Tech platforms offering AI...
A week in security (November 11 – November 17)
Last week on Malwarebytes Labs: Malicious QR codes sent in the mail deliver malware 122 million people’s business contact info leaked by data broker Advertisers are pushing ad and pop-up blockers using old tricks Scammer robs homebuyers of life savings in $20 million theft spree Temu must respect...
8 security tips for small businesses
Small businesses and startups are known to face some extra challenges when it comes to cybersecurity. Because they don’t have the size or budget to have a fully-fledged dedicated security team, it often comes down to one person that doesn’t have the time to do everything that is recommended or ev...
Browser Guard now flags data breaches and better protects personal data
Two things are true of data online: It will be collected and, just as easily, it will be lost. But a major update to Malwarebytes Browser Guard will better protect users from opaque data collection that happens every day online, as well as raising their awareness about corporate data breaches tha...
Not Black Mirror: Meta’s smart glasses used to reveal someone’s identity just by looking at them
Like something out of Black Mirror, two students have demonstrated a way to use smart glasses and facial recognition technology to immediately reveal people’s names, phone numbers, and addresses. The Harvard students have dubbed the system I-XRAY and it works like this: When you look at someone’s...
A week in security (September 16 – September 22)
Last week on Malwarebytes Labs: "Simply staggering" surveillance conducted by social media and streaming services, FTC finds Tor anonymity compromised by law enforcement. Is it still safe to use? Walmart customers scammed via fake shopping lists, threatened with arrest Snapchat wants to put your...
How to avoid election related scams
With the US election campaigns at full throttle, scammers have taken a renewed interest in the ways this can be used to defraud people, often using the same tactics legitimate campaigns leverage for support emails, text messages, phone calls, and social media pleas. The lure that we have seen the...
Hacked GPS tracker reveals location data of customers
Stalkerware researcher maia arson crimew strikes again. Big time. We know maia as a researcher that loves to go after stalkerware peddlers, which Malwarebytes—as one of the founding members of the Coalition Against Stalkerware—loves to see. This time the target company, Tracki, is one selling GPS...
The inside job that cost ransomware victims millions
When a ransomware crew locks up your servers, the outside negotiator you hire has to know everything about you so that they can negotiate a smaller ransom payment. You tell them what your cyber-insurance covers and what your board is willing to pay. You have to. That's the whole reason you hire...
Scammers are using AI to sell impossible flowers
We've had problems with deepfake celebrity scams, non-consensual deepfake sexual material, and deepfake politicians. Now we have to deal with… deepfake plants? Yup, AI seed slop is now a thing. 404 Media documented scammers marketing seeds for plants that supposedly bloom in the shape of birds,...
Malicious trading website drops malware that hands your browser to attackers
During our threat hunting, we found a campaign using the same malware loader from our previous research to deliver a different threat: Needle Stealer , data-stealing malware designed to quietly harvest sensitive information from infected devices, including browser data, login sessions, and...
A fake Slack download is giving attackers a hidden desktop on your machine
A trojanized Slack download from a typosquatting website is giving attackers something most users wouldn’t even know to look for: a hidden desktop running on their machine. The installer looks legitimate and even launches a working copy of Slack. But in the background, it can create an invisible...
That dream job offer from Coca-Cola or Ferrari? It’s a trap for your passwords
As layoffs surge and job seekers flood the market, phishing campaigns impersonating major brands, including Coca-Cola and Ferrari, are ramping up—and they’re more sophisticated than ever. The first scam we found uses a convincing booking page to collect personal details, then tricks victims into...
Axios supply chain attack chops away at npm trust
Researchers found that compromised Axios versions installed a Remote Access Trojan. Axios is a promise-based HTTP Client for node.js, basically a helper tool that developers use behind the scenes to let apps talk to the internet. For example, Axios makes requests such as “get my messages from the...
New macOS security feature will alert users about possible ClickFix attacks
Rumor has it that Apple deployed a new security feature in the fight against ClickFix. The new feature will be available for macOS Tahoe 26.4 and it will warn Mac users if they paste certain commands into the Terminal app that might be harmful. If such a command is pasted, macOS will warn the use...
Bogus Avast website fakes virus scan, installs Venom Stealer instead
A fake website impersonating Avast antivirus is tricking people into infecting their own computers. The site looks legitimate, runs what appears to be a virus scan, and claims your system is full of threats. But the results are fake: when you’re prompted to “fix” the problem, the download you’re...
Scam compounds hiring “AI models” to seal the deal in deepfake video calls
Scam compounds in Southeast Asia have already become modern slave farms, trapping victims and forcing many of them to become scammers for them. Now they've added another type of worker to the mix: so-called AI models. These professional scammers conduct video calls with their targets, charming th...
A week in security (March 16 – March 22)
Last week on Malwarebytes Labs: Could your face change what you pay? NYC wants limits on biometric tracking That "job brief" on Google Forms could infect your device A DarkSword hangs over unpatched iPhones Your tax forms sell for $20 on the dark web Researchers found font-rendering trick to hide...
That “job brief” on Google Forms could infect your device
We've identified a campaign using business-related lures, such as job interviews, project briefs, and financial document, to distribute malware, including the PureHVNC Remote Access Trojan RAT. It's not the malware that's new, but how the attack starts. Instead of the usual phishing email or fake...
Google cracks down on Android apps abusing accessibility
Google just dropped a bombshell for app developers with the latest version of its Android mobile operating system. The company can now prevent apps from installing if they try to use the system's accessibility features. The new development, live in version 17.2 of Android, is all about security,...
Attackers impersonate Temu in ClickFix $Temu airdrop scam
Update Friday, March 13: A Temu spokesperson contacted us to say: " Temu has not issued any cryptocurrency, token, or digital asset—including any so-called "Temu Coin." Any airdrop, wallet claim, or cryptocurrency offer purporting to be from Temu is fraudulent and has no connection to our company...
Phishers hide scam links with IPv6 trick in “free toothbrush” emails
A recurring lure in phishing emails impersonating United Healthcare is the promise of a free Oral-B toothbrush. But the interesting part isn’t the toothbrush. It’s the link. Two examples of phishing emails Recently we found that these phishers have moved from using Microsoft Azure Blob Storage...
Quiz sites trick users into enabling unwanted browser notifications
Our support team flagged a number of customers who suspected their device might be infected with malware, but Malwarebytes scans came up empty. When the customers provided screenshots, our Malware Removal Support team quickly recognized the format as web push notifications. The reason the scans...
Does the UK really want to ban VPNs? And can it be done?
The idea of a "Great British Firewall" makes for a catchy headline, but it would be riddled with holes and cause huge problems. The Guardian reports that the GCHQ Government Communications Headquarters, a UK intelligence, security, and cyber agency, is exploring the idea of a British firewall...
Developer creates app to detect nearby smart glasses
An independent developer, moved after reading about the abuse of smart glasses to film people without their consent, decided to create an app to detect nearby smart glasses. Smart glasses are wearable devices built into ordinary-looking eyewear that add functions like audio, cameras, sensors, and...
A week in security (February 16 – February 22)
Last week on Malwarebytes Labs: Age verification vendor Persona left frontend exposed, researchers say Facebook ads spread fake Windows 11 downloads that steal passwords and crypto wallets AI-generated passwords are a security risk Intimate products maker Tenga spilled customer data Meta patents ...
Child exploitation, grooming, and social media addiction claims put Meta on trial
Meta is facing two trials over child safety allegations in California and New Mexico. The lawsuits are landmark cases, marking the first time that any such accusations have reached a jury. Although over 40 state attorneys general have filed suits about child safety issues with social media, none...
Malwarebytes earns PCMag Best Tech Brand spot, scores 100% with MRG Effitas
Malwarebytes is on a roll. Recently named one of PCMag's “Best Tech Brands for 2026,” Malwarebytes also scored 100% on the first-ever MRG Effitas consumer security product test, cementing the fact that we are loved by users and trusted by experts. But don’t take our word for it. As PCMag Principa...
Firefox is giving users the AI off switch
Some software providers have decided to lead by example and offer users a choice about the Artificial Intelligence AI features built into their products. The latest example is Mozilla, which now offers users a one-click option to disable generative AI features in the Firefox browser. Audiences ar...
How Manifest v3 forced us to rethink Browser Guard, and why that’s a good thing
As a Browser Guard user, you might not have noticed much difference lately. Browser Guard still blocks scams and phishing attempts just like always, and, in many cases, even better. But behind the scenes, almost everything changed. The rules that govern how browser extensions work went through a...
Scam-checking just got easier: Malwarebytes is now in ChatGPT
If you’ve ever stared at a suspicious text, email, or link and thought “Is this a scam… or am I overthinking it?” Well, you’re not alone. Scams are getting harder to spot, and even savvy internet users get caught off guard. That’s why Malwarebytes is the first cybersecurity provider available...
A week in security (January 5 – January 11)
Last week on Malwarebytes Labs: pcTattletale founder pleads guilty as US cracks down on stalkerware Are we ready for ChatGPT Health? CISA warns of active attacks on HPE OneView and legacy PowerPoint Lego’s Smart Bricks explained: what they do, and what they don’t Fake WinRAR downloads hide malwar...
Android mobile adware surges in second half of 2025
Android users spent 2025 walking a tighter rope than ever, with malware, data‑stealing apps, and SMS‑borne scams all climbing sharply while attackers refined their business models around mobile data and access. Looking back, we may view 2025 as the year when one-off scams were replaced on the sco...
GhostFrame phishing kit fuels widespread attacks against millions
GhostFrame is a new phishing-as-a-service PhaaS kit, tracked since September 2025, that has already powered more than a million phishing attacks. Threat analysts spotted a series of phishing attacks featuring tools and techniques they hadn't seen before. A few months later, they had linked over a...
Deepfakes, AI resumes, and the growing threat of fake applicants
Recruiters expect the odd exaggerated resume, but many companies, including us here at Malwarebytes, are now dealing with something far more serious: job applicants who aren't real people at all. From fabricated identities to AI-generated resumes and outsourced impostor interviews, hiring pipelin...
Fake LinkedIn jobs trick Mac users into downloading Flexible Ferret malware
Researchers have discovered a new attack targeting Mac users. It lures them to a fake job website, then tricks them into downloading malware via a bogus software update. The attackers pose as recruiters and contact people via LinkedIn, encouraging them to apply for a role. As part of the...
What the Flock is happening with license plate readers?
You’re driving home after another marathon day of work and kid-shuttling, nursing a lukewarm coffee in a mug that's trying too hard. As you turn onto your street, something new catches your eye. It's a tall pole with a small, boxy device perched on top. But it's not a bird-house and there's no...
1 million victims, 17,500 fake sites: Google takes on toll-fee scammers
A Phishing-as-a-Service PhaaS platform based in China, known as “Lighthouse,” is the subject of a new Google lawsuit. Lighthouse enables smishing SMS phishing campaigns, and if you’re in the US there is a good chance you've seen their texts about a small amount you supposedly owe in toll fees...
How Malwarebytes stops the ransomware attack that most security software can’t see
Imagine this scenario: Your protection software is running perfectly. Systems are protected, definitions are up to date, behavioral analysis is active. Then, suddenly, files across your network start getting encrypted. Backups are being deleted. Ransom notes appear across your machines. Your...
Fake CAPTCHA sites now have tutorial videos to help victims install malware
Early on in 2025, I described how criminals used fake CAPTCHA sites and a clipboard hijacker to provide instructions for website visitors that would effectively infect their own machines with an information stealer known as the Lumma Stealer. ClickFix is the name researchers have since given to...
Android malware steals your card details and PIN to make instant ATM withdrawals
The Polish Computer Emergency Response Team CERT Polska analyzed a new Android-based malware that uses NFC technology to perform unauthorized ATM cash withdrawals and drain victims' bank accounts. Researchers found that the malware, called NGate, lets attackers withdraw cash from ATMs Automated...
Take control of your privacy with updates on Malwarebytes for Windows
It’s getting harder to keep your Windows space truly yours, as Microsoft increasingly serves annoying ads and tracks your data across third-party apps. Pushing back against your eroding privacy has been a scattered and sometimes complicated process… but we're making it easier for you. With the...
NSFW ChatGPT? OpenAI plans “grown-up mode” for verified adults
If you've had your fill of philosophical discussions with ChatGPT, CEO Sam Altman has news for you: the service will soon be able to engage in far less highbrow conversations of the sexual kind. That's right—sexting is coming to ChatGPT. Are we really surprised? It marks a change in sentiment for...
A week in security (October 20 – October 26)
Last week on Malwarebytes Labs: Is AI moving faster than its safety net? Thousands of online stores at risk as SessionReaper attacks spread Apple may have to open its walled garden to outside app stores Meta boosts scam protection on WhatsApp and Messenger Home Depot Halloween phish gives users a...
Meta boosts scam protection on WhatsApp and Messenger
Vulnerable Facebook Messenger and WhatsApp users are getting more protection thanks to a move from the applications' owner, Meta. The company has announced more safeguards to protect users especially the elderly from scammers. The social media, publishing, and VR giant has added a new warning on...
Home Depot Halloween phish gives users a fright, not a freebie
We received a timely phishing email pretending to come from Home Depot. It claimed we’d won a Gorilla Carts dump cart that’s a sort of four-wheeled wheelbarrow for anyone unfamiliar—and said it was just one click away. It wasn’t. The whole image in the email was clickable, and it hid plenty of...
Mango discloses data breach at third-party provider
Mango has reported a data breach at one of its external marketing service providers. The Spanish fashion retailer says that only personal contact information has been exposed—no financial data. The breach took place at the service provider and did not affect Mango’s own systems. According to the...
TikTok scam sells you access to your own fake money
This scam starts in your TikTok DMs. A brand-new account drops a melodramatic message—terminal illness, last goodbye, “I left you some assets.” At the bottom: a ready-made username and password for a crypto site you’ve never used. It’s designed to feel urgent and personal so you tap before you...