Microsoft working on a fix for RoguePlanet, a flaw that grants full PC control | Malware

A publicly available exploit called RoguePlanet can give attackers the highest level of access on Windows systems. Microsoft has confirmed the vulnerability and says it’s working on a security update….

Read more

Microsoft Details Windows Clipper Malware Campaign Using USB LNK Worm and Tor-Based C2 | Cybersecurity

Ravie LakshmananJun 18, 2026Malware / Cryptocurrency Microsoft has disclosed details of a Windows-based cryptocurrency clipper campaign that has targeted users since February 2026. “The clipper in this campaign relies on…

Read more

Malwarebytes earns AV-TEST Top Product award, aces other third-party tests | Malware

Our job is to protect people from online threats, and independent testing is one of the best ways to measure how well we’re doing. Malwarebytes nabbed AV-TEST’s Top Product award…

Read more

Retro gaming fans are the new target for fake GitHub malware | Malware

Retro gaming fans should be careful with GitHub projects that claim to be tools or plugins for their consoles. Attackers can disguise ordinary computer malware as homebrew software, and the…

Read more

Roblox developers are losing entire games to malware attacks | Malware

Account theft usually ends with someone losing a password. This one ends with hackers walking off with the entire game. Developers behind some of Roblox’s millions of games told 404…

Read more

Rokarolla Android malware can take over your phone and steal banking logins | Malware

Researchers have analyzed a new Android banking Trojan called Rokarolla. It can effectively take over a device, steal banking and crypto login details from more than 200 apps, and quietly…

Read more

Crypto Clipper Campaign Abuses Fake Reviews, AI Narrators, and VirusTotal Comments | Cybersecurity

Ravie LakshmananJun 17, 2026Malware / Social Engineering An unknown threat actor has been observed leveraging paid or promoted posts on legitimate news websites to drum up buzz for their warez,…

Read more

Adversarial Exposure Validation Turns Security Visibility into Confident Prioritization | Cybersecurity

For security teams, the findings never stop, but confidence in knowing which ones matter is becoming harder to maintain. The problem is no longer visibility. It’s validation. Security teams must…

Read more

24 billion stolen records found in giant data dump. Check if you’re affected | Malware

A newly discovered database containing 24 billion stolen records is a reminder that personal information from data breaches, phishing campaigns, and infostealer infections continues to circulate online. The collection was…

Read more

144 Mastra npm Packages Compromised via Hijacked Contributor Account | Cybersecurity

Ravie LakshmananJun 17, 2026Malware / Cryptocurrency As many as 144 npm packages associated with the Mastra namespace (“@mastra/*”), a popular open-source JavaScript and TypeScript framework for building artificial intelligence (AI)…

Read more

Deepfake posting sites depicting famous women taken down by feds | Malware

Thanks to Uncle Sam, anyone trying to find nonconsensual intimate deepfakes on CFake.com and SOCFake.com will be disappointed. The US Departments of Justice (DOJ) and Homeland Security has seized the…

Read more

Cardiac patients’ medical data stolen and held to ransom | Malware

Cardiac monitoring provider iRhythm has been hit by a data theft followed by an extortion attempt. In a filing with the Securities and Exchange Commission (SEC), iRhythm revealed it was…

Read more

ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures | Cybersecurity

Cybersecurity researchers have flagged multiple ClickFix campaigns that deliver three malware loaders called BabaDeda Loader, Lorem Ipsum Loader, and Potemkin, per independent reports from Morphisec, BlueVoyant, and Huntress, respectively. Attacks…

Read more

“Free World Cup stream” sites are serving scams, not football | Malware

With the World Cup on, you’ll find no shortage of websites promising every match, live, in HD, for free. They look convincing, usually with a video player, a “Live Stream…

Read more

New Rokarolla Android Malware Steals PINs, SMS Codes, and Crypto Wallet Funds | Cybersecurity

Swati KhandelwalJun 16, 2026Mobile Security / Malware Security researchers at Zimperium’s zLabs have documented a new Android banking trojan, Rokarolla, that targets 217 banking and cryptocurrency apps and packs 137 remote commands….

Read more

Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware | Cybersecurity

Ravie LakshmananJun 16, 2026United States The North Korean state-sponsored hacking group known as ScarCruft (aka APT37) has been observed using spear-phishing messages impersonating Microsoft Account security notifications to deliver malware…

Read more

Deepfake porn sites are going offline (re-air) (Lock and Code S07E12) | Malware

This week on the Lock and Code podcast… If you weren’t taking deepfakes seriously before, it’s too late now to ignore them. According to new research from Malwarebytes, one in…

Read more

Google Vertex AI SDK Flaw Let Attackers Hijack Model Uploads via Bucket Squatting | Cybersecurity

A flaw in the Google Cloud Vertex AI SDK for Python let an attacker with no access to a victim’s project hijack the victim’s machine learning model upload and run…

Read more

Inside a malicious infrastructure delivering EtherRAT, phishing pages, and malicious software  | Malware

During our recent threat hunting activities, we found EtherRAT malware being distributed by a website with a strange homepage. This homepage allowed us to discover a vast malicious infrastructure distributing malware, malicious documents, remote desktop software, and phishing…

Read more

Claude Fable 5 and Mythos 5 “abruptly disabled” after US gov. ban | Malware

Anthropic has been ordered by the US government to cut off its newest Claude Fable 5 and Mythos 5 models for fear of abuse by adversaries. Reuters reports that Anthropic…

Read more

LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers | Cybersecurity

A default low-privilege account on a LiteLLM proxy can climb to full admin and run code on the server by chaining three vulnerabilities, researchers at Obsidian Security disclosed LiteLLM is…

Read more

A week in security (June 8 – June 14) | Malware

Last week on Malwarebytes Labs: Stolen iPhones could soon be worth a lot less to thieves Fake verification pages are stealing Steam accounts from players Google can be liable for…

Read more

The Onboarding Password Mistake That Creates Unnecessary Risk | Cybersecurity

Employee onboarding is a busy time for IT teams. New starters need devices, accounts, access permissions, and passwords, all delivered within a tight timeframe. That usually means sharing a temporary…

Read more

Chinese Hackers Abused Google Workspace Rules to Steal Research and Defense Emails | Cybersecurity

A China-linked espionage group hid inside North American medical, academic, and military research networks for more than a year, quietly stealing sensitive research and defense email. The way in was…

Read more

Sniper Dz Scams Target MENA Users via Fake Facebook Offers and Browser Alerts | Cybersecurity

Ravie LakshmananJun 15, 2026Social Engineering / Browser Security Cybersecurity researchers have disclosed details of fraudulent activity targeting users across the Middle East and North Africa by employing various fraudulent Facebook…

Read more

Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication | Cybersecurity

Ravie LakshmananJun 13, 2026Vulnerability / Enterprise Software Splunk has released security updates to address a critical security flaw in Splunk Enterprise that could be exploited to conduct unauthenticated file operations…

Read more

U.S. Orders Anthropic to Suspend Fable 5 and Mythos 5 Access for Foreign Nationals | Cybersecurity

Anthropic said on Friday it will “abruptly disable” its most advanced artificial intelligence (AI) models, Claude Fable 5 and Mythos 5, for all users after the U.S. government ordered it…

Read more

Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit | Cybersecurity

Attackers took over more than 400 packages in the Arch User Repository (AUR) this week and rewrote their build scripts to install a credential stealer on any machine that built…

Read more

Google Sues Chinese Smishing Network Accused of Using Gemini AI in Phishing | Cybersecurity

Ravie LakshmananJun 12, 2026Cybercrime / Artificial Intelligence Google on Friday said it’s pursuing legal action against a Chinese cybercrime network, accusing it of using its Gemini artificial intelligence (AI) agent…

Read more

Stolen iPhones could soon be worth a lot less to thieves | Malware

The UK’s Metropolitan Police has reached an agreement with Apple designed to make stolen iPhones harder to resell and less attractive to thieves. The approach combines stronger technical protections with…

Read more
Update cookies preferences