Meta has rolled out more anti-scam protections across WhatsApp, Facebook, and Messenger to fight sophisticated fraud tactics. The features will help stop celebrity impersonators and brand spoofers from defrauding its users, the company said. Meta is also targeting attackers who exploit legitimate platform features like device linking to hijack accounts. People use this feature to […]

Microsoft releases important security updates on the second Tuesday of every month, known as Patch Tuesday. This month’s update fixes 79 Microsoft CVEs including two zero-day vulnerabilities. Microsoft defines a zero-day as “a flaw in software for which no official patch or security update is available yet.” So, since the patch is now available, those […]

While Americans are sorting through paperwork to get their taxes filed in time, scammers are working overtime to grab a piece of the action. As tax season ramps up, so does scam activity. Our telemetry shows a spike in robocalls impersonating tax resolution firms, tax relief agencies, and vaguely named “assistance centers.” These calls are […]

Our malware removal support team recently flagged a new wave of sextortion emails, with the subject line: “You pervert, I recorded you!” If the message sounds familiar, that’s because it’s a variation of the long-running “Hello pervert” scam. The email claims the target’s device has been infected by a “drive-by exploit,” which supposedly gave the […]

A recurring lure in phishing emails impersonating United Healthcare is the promise of a free Oral-B toothbrush. But the interesting part isn’t the toothbrush. It’s the link. Two examples of phishing emails Recently we found that these phishers have moved from using Microsoft Azure Blob Storage (links looking like this: https://{string}.blob.core.windows.net/{same string}/1.html to links obfuscated […]

Dutch intelligence services AIVD and MIVD warn that Russian state‑backed hackers are running a large‑scale campaign to break into Signal and WhatsApp accounts of high‑value targets. The targets are said to be senior officials, military personnel, civil servants, and journalists. The attackers are not breaking end‑to‑end encryption or exploiting a vulnerability in the apps themselves. […]

Your Google Search history provides one of the most detailed windows into your private life, and I know this because when I looked at my own search history last year, I was overwhelmed by the information buried within. Across just 18 months, Google tracked the 8,079 searches I made and the 3,050 websites I visited […]

Recently, we uncovered BeatBanker, an Android‑based malware campaign targeting Brazil. It spreads primarily through phishing attacks via a website disguised as the Google Play Store. To achieve their goals, the malicious APKs carry multiple components, including a cryptocurrency miner and a banking Trojan capable of completely hijacking the device and spoofing screens, among other things. […]

Investigators are worried that a recent attack on a critical FBI system was more than just a random hit, and that another nation-state might have been involved. On February 17, the FBI flagged irregular network activity that led straight to its Digital Collection System Network. That system contains sensitive data related to court-authorized wiretaps, pen […]

Last week on Malwarebytes Labs: One click on this fake Google Meet update can give attackers control of your PC Beware of fake OpenClaw installers, even if Bing points you to GitHub Fake CleanMyMac site installs SHub Stealer and backdoors crypto wallets Windows File Shredder: When deleting a file isn’t enough Supreme Court to decide […]