As we have said many times before, falling for a scam can happen to the best of us. And it can ruin lives. In our podcast How a scam hunter got scammed, scam hunter Julie-Anne Kearns talked about how she had been duped by people pretending to be from HMRC, which is the UK’s version […]
Beware of Zelle transfer scams Leggi tutto »
If you’re seeing fewer or different CAPTCHA puzzles in the near future, that’s not because website owners have agreed that they’re annoying, but it might be because they no longer prove that the visitor is human. For those that forgot what CAPTCHA stands for: Completely Automated Public Turing test to tell Computers and Humans Apart.
ChatGPT solves CAPTCHAs if you tell it they’re fake Leggi tutto »
Last week on Malwarebytes Labs: ChatGPT Deep Research zero-click vulnerability fixed by OpenAI Disrupted phishing service was after Microsoft 365 credentials Update your Chrome today: Google patches 4 vulnerabilities including one zero-day Age verification and parental controls coming to ChatGPT to protect teens 224 malicious apps removed from the Google Play Store after ad fraud
A week in security (September 15 – September 21) Leggi tutto »
OpenAI has moved quickly to patch a vulnerability known as “ShadowLeak” before anyone detected real-world abuse. Revealed by researchers yesterday, ShadowLeak was an issue in OpenAI’s Deep Research project that attackers could exploit by simply sending an email to the target. Deep Research was launched in ChatGPT in early 2025 to enable users to delegate
ChatGPT Deep Research zero-click vulnerability fixed by OpenAI Leggi tutto »
Microsoft and Cloudflare have disrupted a Phishing-as-a-Service operation, known as RaccoonO365. The primary goal of RaccoonO365 (or Storm-2246 as Microsoft calls it) was to rent out a phishing toolkit that specialized in stealing Microsoft 365 credentials. They were successful in at least 5,000 cases, spanning 94 countries since July 2024. The operation provided the cybercriminals’
Disrupted phishing service was after Microsoft 365 credentials Leggi tutto »
Google has released an update for its Chrome browser to patch four security vulnerabilities, including one zero-day. A zero-day vulnerability refers to a bug that has been found and exploited by cybercriminals before the vendor even knew about it (they have “zero days” to fix it). This update is crucial since it addresses one vulnerability which is
Update your Chrome today: Google patches 4 vulnerabilities including one zero-day Leggi tutto »
OpenAI is going to try and predict the ages of its users to protect them better, as stories of AI-induced harms in children mount. The company, which runs the popular ChatGPT AI, is working on what it calls a long-term system to determine whether users are over 18. If it can’t verify that a user
Age verification and parental controls coming to ChatGPT to protect teens Leggi tutto »
Researchers have discovered a large ad fraud campaign on Google Play Store. The Satori Threat Intelligence and Research team found 224 malicious apps which were downloaded over 38 million times and generated up to 2.3 billion ad requests per day. They named the campaign “SlopAds.” Ad fraud is a type of fraud that lets advertisers
We already knew that the US airline industry gave the government access to passenger records. However, this week it emerged that at least five billion passenger records are being sold to government agencies via a searchable database—far more than was initially believed. A few weeks ago, investigative research team 404 Media reported on a secretive
Airline data broker selling 5 billion passenger records to US government Leggi tutto »
Apple has released security updates for iPhones, iPads, Apple Watches, Apple TVs, and Macs as well as for Safari, and Xcode to fix dozens of vulnerabilities which could give cybercriminals access to sensitive data. How to update your devices How to update your iPhone or iPad For iOS and iPadOS users, you can check if
Update your Apple devices to fix dozens of vulnerabilities Leggi tutto »
