Malware

Account theft usually ends with someone losing a password. This one ends with hackers walking off with the entire game. Developers behind some of Roblox’s millions of games told 404…

Researchers have analyzed a new Android banking Trojan called Rokarolla. It can effectively take over a device, steal banking and crypto login details from more than 200 apps, and quietly…

Ravie LakshmananJun 17, 2026Malware / Social Engineering An unknown threat actor has been observed leveraging paid or promoted posts on legitimate news websites to drum up buzz for their warez,…

For security teams, the findings never stop, but confidence in knowing which ones matter is becoming harder to maintain. The problem is no longer visibility. It’s validation. Security teams must…

A newly discovered database containing 24 billion stolen records is a reminder that personal information from data breaches, phishing campaigns, and infostealer infections continues to circulate online. The collection was…

Ravie LakshmananJun 17, 2026Malware / Cryptocurrency As many as 144 npm packages associated with the Mastra namespace (“@mastra/*”), a popular open-source JavaScript and TypeScript framework for building artificial intelligence (AI)…

Thanks to Uncle Sam, anyone trying to find nonconsensual intimate deepfakes on CFake.com and SOCFake.com will be disappointed. The US Departments of Justice (DOJ) and Homeland Security has seized the…

Cardiac monitoring provider iRhythm has been hit by a data theft followed by an extortion attempt. In a filing with the Securities and Exchange Commission (SEC), iRhythm revealed it was…

Cybersecurity researchers have flagged multiple ClickFix campaigns that deliver three malware loaders called BabaDeda Loader, Lorem Ipsum Loader, and Potemkin, per independent reports from Morphisec, BlueVoyant, and Huntress, respectively. Attacks…

With the World Cup on, you’ll find no shortage of websites promising every match, live, in HD, for free. They look convincing, usually with a video player, a “Live Stream…

Swati KhandelwalJun 16, 2026Mobile Security / Malware Security researchers at Zimperium’s zLabs have documented a new Android banking trojan, Rokarolla, that targets 217 banking and cryptocurrency apps and packs 137 remote commands….

Ravie LakshmananJun 16, 2026United States The North Korean state-sponsored hacking group known as ScarCruft (aka APT37) has been observed using spear-phishing messages impersonating Microsoft Account security notifications to deliver malware…

This week on the Lock and Code podcast… If you weren’t taking deepfakes seriously before, it’s too late now to ignore them. According to new research from Malwarebytes, one in…

A flaw in the Google Cloud Vertex AI SDK for Python let an attacker with no access to a victim’s project hijack the victim’s machine learning model upload and run…

During our recent threat hunting activities, we found EtherRAT malware being distributed by a website with a strange homepage. This homepage allowed us to discover a vast malicious infrastructure distributing malware, malicious documents, remote desktop software, and phishing…

Anthropic has been ordered by the US government to cut off its newest Claude Fable 5 and Mythos 5 models for fear of abuse by adversaries. Reuters reports that Anthropic…

A default low-privilege account on a LiteLLM proxy can climb to full admin and run code on the server by chaining three vulnerabilities, researchers at Obsidian Security disclosed LiteLLM is…

Last week on Malwarebytes Labs: Stolen iPhones could soon be worth a lot less to thieves Fake verification pages are stealing Steam accounts from players Google can be liable for…

Employee onboarding is a busy time for IT teams. New starters need devices, accounts, access permissions, and passwords, all delivered within a tight timeframe. That usually means sharing a temporary…

A China-linked espionage group hid inside North American medical, academic, and military research networks for more than a year, quietly stealing sensitive research and defense email. The way in was…

Ravie LakshmananJun 15, 2026Social Engineering / Browser Security Cybersecurity researchers have disclosed details of fraudulent activity targeting users across the Middle East and North Africa by employing various fraudulent Facebook…

Ravie LakshmananJun 13, 2026Vulnerability / Enterprise Software Splunk has released security updates to address a critical security flaw in Splunk Enterprise that could be exploited to conduct unauthenticated file operations…

Anthropic said on Friday it will “abruptly disable” its most advanced artificial intelligence (AI) models, Claude Fable 5 and Mythos 5, for all users after the U.S. government ordered it…

Attackers took over more than 400 packages in the Arch User Repository (AUR) this week and rewrote their build scripts to install a credential stealer on any machine that built…

Ravie LakshmananJun 12, 2026Cybercrime / Artificial Intelligence Google on Friday said it’s pursuing legal action against a Chinese cybercrime network, accusing it of using its Gemini artificial intelligence (AI) agent…

The UK’s Metropolitan Police has reached an agreement with Apple designed to make stolen iPhones harder to resell and less attractive to thieves. The approach combines stronger technical protections with…

Ravie LakshmananJun 12, 2026Artificial Intelligence / Vulnerability Cybersecurity researchers have described what they say is a new class of attack that can trick artificial intelligence (AI) coding agents into running…

Online gamers should watch out for a convincing scam that aims to steal your Steam account. The scam uses fake FACEIT verification pages that look legitimate, complete with official branding,…

Ravie LakshmananJun 12, 2026Cybercrime / Phishing An INTERPOL-led operation last month resulted in the disruption of Sniper Dz, a decade-long phishing-as-a-service (PhaaS) platform, Group-IB said Thursday. The effort, codenamed Operation…