Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Gain Root Access | Cybersecurity

Ravie LakshmananJun 25, 2026Vulnerability / Threat Intelligence An unknown threat actor exploited a recently disclosed high-severity security flaw impacting Cisco Catalyst SD-WAN as a zero-day at least two months before…

Read more

Watch out for renewal scams pretending to be Malwarebytes | Malware

Fake subscription renewal notices are doing the rounds again. Some of these scams impersonate Malwarebytes, and we’ve also seen them reach our customers. You’re more likely to trust the message…

Read more

CISA Warns Critical Lantronix EDS5000 Flaw Is Being Actively Exploited | Cybersecurity

Ravie LakshmananJun 24, 2026Vulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday warned of active exploitation of a critical security flaw impacting Lantronix EDS5000 Series…

Read more

PixelSmash flaw turns video files into attack tools | Malware

A newly discovered vulnerability in FFmpeg’s MagicYUV decoder can turn a tiny, malformed video into a foothold for attackers. Researchers have disclosed PixelSmash, a critical vulnerability tracked as CVE-2026-8461, in…

Read more

Amadey and StealC Malware Network Disrupted, 27M Stolen Credentials Recovered | Cybersecurity

A coordinated law enforcement operation, in partnership with private sector companies, including Bitdefender, Bitsight, ESET, and Microsoft, has resulted in the takedown of criminal infrastructure powering Amadey and StealC. “The…

Read more

“Total access to all your devices.” Sextortion scammers strike again | Malware

At the moment, we’re seeing all kinds of sextortion emails. The scam is cheap to run, easy to automate, and apparently profitable enough that cybercriminals keep using it. Some criminals…

Read more

DoJ Seizes Huione Cloud Account Tied to Cyber Scam Money Laundering | Cybersecurity

Ravie LakshmananJun 24, 2026Money Laundering / Cybercrime The U.S. Department of Justice (DoJ) on Tuesday announced the seizure of a cloud computing account put to use by subsidiaries of Cambodia-based…

Read more

Cisco Unified CM Flaw Exploited After PoC Reveals File-Write Path to Root | Cybersecurity

Ravie LakshmananJun 24, 2026Vulnerability / Network Security Threat actors have begun to exploit a recently disclosed critical security flaw impacting Cisco Unified Communications Manager (Unified CM) and Unified Communications Manager…

Read more

Hackers steal passport and driver’s license data of 3 million Texans | Malware

You can change a password and cancel a card. But replacing a passport or driver’s license number every time someone leaves yours unsecured in a vendor database isn’t so easy….

Read more

Inside the dark web: Stolen identities for 95¢, malware, and scams-for-hire | Malware

Most people have heard of the dark web, but few understand what it actually looks like or what goes on there. To separate fact from fiction, our research team spent…

Read more

FortiBleed Targeted FortiGate Firewalls in 110 Million-Credential Harvesting Operation | Cybersecurity

Ravie LakshmananJun 23, 2026Initial Access Broker / Firewall Security A Russian-speaking initial access broker (IAB) driven by financial gain is assessed to be behind a large-scale credential-harvesting operation known as…

Read more

Meta pauses controversial employee-tracking program after security review | Malware

Meta has paused a controversial employee‑tracking program after an internal security review found that highly granular keystroke and screen‑capture data from staff laptops was far more widely accessible inside the…

Read more

Fake AI Agent Skill Passed Security Scans and Reportedly Reached 26,000 Agents | Cybersecurity

Security firm AIR built a fake AI agent skill, pushed it through a popular skill marketplace and an Instagram ad, and says it reached roughly 26,000 agents, including some on corporate accounts….

Read more

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT | Cybersecurity

Ravie LakshmananJun 23, 2026Supply Chain Attack / Developer Security Cybersecurity researchers have discovered a set of malicious npm packages that are designed to deliver a Windows-based remote access trojan (RAT)….

Read more

WhatsApp VBScript Campaign Uses Fake Documents to Install ManageEngine RMM Tool | Cybersecurity

Ravie LakshmananJun 23, 2026Malware / Social Engineering Direct messages sent via WhatsApp are being used to distribute malicious Visual Basic Script (VBScript) files that lead to the installation of legitimate…

Read more

Document delivery scams: What are they and what’s their goal? | Malware

One of Malwarebytes’ managers recently received a call from scammers pretending to be a document delivery service. The voicemail sounded official: “I am calling on behalf of document delivery services….

Read more

ShapedPlugin WordPress Pro Plugins Backdoored in Supply Chain Attack | Cybersecurity

Ravie LakshmananJun 22, 2026Supply Chain Attack / Malware Multiple WordPress plugins from ShapedPlugin were compromised in a supply chain attack after unknown threat actors managed to tamper with the official…

Read more

Thousands of D-Link routers under control of AryStinger botnet | Malware

Researchers have found that the recently discovered AryStinger botnet has quietly hijacked thousands of end‑of‑life D‑Link routers and some network-attached storage (NAS) devices, turning them into a distributed scanning and…

Read more

29-Year-Old Squid Proxy Bug ‘Squidbleed’ Can Leak Cleartext HTTP Requests | Cybersecurity

Swati KhandelwalJun 22, 2026Vulnerability / Server Security A heap over-read in the Squid web proxy can leak another user’s cleartext HTTP request, including any credentials or session tokens it carries,…

Read more

A week in security (June 15 – June 21) | Malware

Last week on Malwarebytes Labs: Nearly 15,000 infected websites cleaned in SocGholish crackdown Apple patches Beats Studio Buds flaw that could turn earbuds into a wiretap Microsoft working on a…

Read more

Canada’s Spy Agency Used First-of-Its-Kind Warrant to Clean Botnet-Infected Devices | Cybersecurity

Canada’s spy service got a judge’s permission to reach into infected servers, home routers, and IoT gear sitting on Canadian soil and neutralize two foreign-run botnets. The Federal Court released a…

Read more

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys | Cybersecurity

Ravie LakshmananJun 20, 2026Vulnerability / Web Security Threat actors are exploiting a recently patched security flaw impacting Gravity SMTP, a WordPress plugin that’s installed on about 100,000 sites. The vulnerability,…

Read more

Unpatchable ‘usbliter8’ Exploit Breaks Apple A12 and A13 SecureROM Boot Chain | Cybersecurity

Security researchers at Paradigm Shift have published a working exploit, dubbed usbliter8, that achieves arbitrary code execution inside the SecureROM of Apple’s A12 and A13 chips. That code is burned into the silicon…

Read more

Nearly 15,000 infected websites cleaned in SocGholish crackdown | Malware

We’re always happy to end the week with some positive news. A law enforcement action called Operation Endgame just delivered a major win against the long‑running SocGholish (aka FakeUpdates) operation….

Read more

AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution | Cybersecurity

Microsoft researchers have detailed an exploit chain, named AutoJack, that turns an AI browsing agent into a delivery vehicle for remote code execution. Steer the agent to load an attacker’s web…

Read more

Apple patches Beats Studio Buds flaw that could turn earbuds into a wiretap | Malware

Apple has patched a Bluetooth flaw in Beats Studio Buds that could potentially turn your earbuds into a nearby wiretap. When you buy a pair of Bluetooth earbuds, you expect…

Read more

Forget Data Leakage: Shadow AI’s Real Threat Is Access Control | Cybersecurity

The first wave of enterprise AI concern was straightforward. It was simply employees pasting sensitive data into public AI tools. Security teams responded with usage policies, domain blocks, and data…

Read more

Apple Patches Beats Studio Buds Flaw Letting Nearby Attackers Spy via Microphone | Cybersecurity

Ravie LakshmananJun 19, 2026Mobile Security / Vulnerability Apple has updated its Beats Studio Buds wireless earbuds to patch a high-severity vulnerability that could be exploited by nearby hackers to eavesdrop…

Read more

Kodak confirms breach as ShinyHunters’ leak threat reaches deadline | Malware

The Eastman Kodak Company (Kodak) confirmed to BleepingComputer that it is investigating a security breach after the ShinyHunters extortion group claimed responsibility for the incident. Kodak is the latest organization…

Read more

F5 Patches Two Critical NGINX Open Source Flaws Enabling Remote Code Execution | Cybersecurity

Ravie LakshmananJun 18, 2026Vulnerability / Cloud Security F5 has released security updates to address two critical security flaws in NGINX Open Source that could be exploited to achieve code execution…

Read more
Update cookies preferences