Uncategorized

The relentless battle against online fraud is a constant evolution, a digital chase where security teams and malicious actors continually adapt. The increasing sophistication of attacks is blurring the lines between legitimate user behavior and impersonation attempts. The campaign we are exposing today is a reminder that even the most advanced security technologies do not […]

Sponsored ads on Google search don’t just irritate users—they also provide a dangerous opportunity for cybercriminals to spread malware and scams to their unsuspecting victims. What looks like a harmless search result can be a carefully disguised trap.   At Malwarebytes, our researchers have uncovered a variety of threats hiding in plain sight within these sponsored

For decades, passwords have been our default method for keeping online accounts safe. But in the age of artificial intelligence, this traditional security method is facing challenges it was never built to withstand. A team at Cybernews conducted a study of over 19 billion newly exposed passwords which showed we’re looking at a “a widespread

Meta has won almost $170m in damages from Israel-based NSO Group, maker of the Pegasus spyware. The ruling comes after a six-year legal case against the company after Meta accused it of misusing its servers to spy on users. According to the original complaint against NSO Group, filed in October 2019, the spyware vendor used

The FBI has issued a warning about an ongoing fraud scheme where criminal scammers are impersonating FBI Internet Crime Complaint Center (IC3) employees in order to scam people. Between December 2023 and February 2025, the FBI received over 100 reports of scams involving people posing as IC3 employees. These scammers contact their victims using various

Any app that hands over user data is a concern, but leaky dating apps are especially worrying given the sensitivity of the data involved. A relatively new app called Raw that aims to rewrite the rules of dating is the latest to trip over its coattails by exposing user data to…well, anyone who asked for

Google has patched 47 vulnerabilities in Android, including one actively exploited zero-day vulnerability in its May 2025 Android Security Bulletin. Zero-days are vulnerabilities that are exploited before vendors have a chance to patch them—often before they even know about them. The May updates are available for Android 13, 14, and 15. Android vendors are notified

This week on the Lock and Code podcast… “Heidi” is a 36-year-old, San Francisco-born, divorced activist who is lonely, outspoken, and active on social media. “Jason” is a shy, bilingual teenager whose parents immigrated from Ecuador who likes anime, gaming, comic books, and hiking. Neither of them is real. Both are supposed to fight crime.

Last week on Malwarebytes Labs: On world password day, Microsoft says fewer passwords, more passkeys Apple AirPlay SDK devices at risk of takeover—make sure you update The 3 biggest cybersecurity threats to small businesses Zero-day attacks on browsers and smartphones drop, says Google Fake Social Security Statement emails trick users into installing remote tool Digital