Giorgio

Last week on Malwarebytes Labs: Microsoft wants to automatically save your Word docs to the cloud “No place in our networks”: FCC hangs up on thousands of voice operators in robocall war Claude AI chatbot abused to launch “cybercrime spree” Developer verification: a promised lift for Android security More vulnerable stalkerware victims’ data exposed in […]

Everyone hates robocalls. However, it’s difficult to track down all the scammers and spammers that make them, so the Federal Communications Commission (FCC) has taken another approach: it just disconnected over a thousand voice operators from the public telephone network for not doing their part to stop the scourge. This week, the Commission’s Enforcement Bureau

Anthropic—the company behind the widely renowned coding chatbot, Claude—says it uncovered a large-scale extortion operation in which cybercriminals abused Claude to automate and orchestrate sophisticated attacks. The company issued a Threat Intelligence report in which it describes several instances of Claude abuse. In the report it states that: “Cyber threat actors leverage AI—using coding agents

Anthropic—the company behind the widely renowned coding chatbot, Claude—says it uncovered a large-scale extortion operation in which cybercriminals abused Claude to automate and orchestrate sophisticated attacks. The company issued a Threat Intelligence report in which it describes several instances of Claude abuse. In the report it states that: “Cyber threat actors leverage AI—using coding agents

To reduce the number of harmful apps targeting Android users, Google has announced that certified Android devices will require all apps to be registered by verified developers in order to be installed. But this new measure is not just about malware that’s found on the Google Play Store, it’s mainly about sideloaded apps (apps downloaded

TheTruthSpy is at it again. A security researcher has discovered a flaw in the Android-based stalkerware that allows anyone to compromise any record in the system. TheTruthSpy stalkerware is designed to be installed surreptitiously on a victim’s Android phone. It then monitors that phone’s activities and sends the information it gathers back to a central

Google has removed 77 malicious apps from the Google Play Store. Before they were removed, researchers at ThreatLabz discovered the apps had been installed over 19 million times. One of the malware families discovered by the researchers is a banking Trojan known as Anatsa or TeaBot. This banking Trojan is a highly sophisticated Android malware,

Artificial Intelligence (AI) browsers are gaining traction, which means we may need to start worrying about the potential dangers of something called “prompt injection.” Large language models (LLMs)—like the ones that power AI chatbots including ChatGPT, Claude, and Gemini—are designed to follow “prompts,” which are the instructions and questions that people provide when looking up

Last week on Malwarebytes Labs: Clickjack attack steals password managers’ secrets Grok chats show up in Google searches All Apple users should update after company patches zero-day vulnerability in all platforms Google settles YouTube lawsuit over kids’ privacy invasion and data collection AI-powered stuffed animals: A good alternative for screen time? How to spot the