Malware

Cybernews discovered how two AI companion apps, Chattee Chat and GiMe Chat, exposed millions of intimate conversations from over 400,000 users. This is not the first time we have to…

The SOC of 2026 will no longer be a human-only battlefield. As organizations scale and threats evolve in sophistication and velocity, a new generation of AI-powered agents is reshaping how…

Oct 10, 2025Ravie LakshmananVulnerability / Threat Intelligence Dozens of organizations may have been impacted following the zero-day exploitation of a security flaw in Oracle’s E-Business Suite (EBS) software since August…

It’s once again time to change your passwords, but if one government agency has its way, this might be the very last time you do it. After nearly four years…

If you think Apple’s ‘Find My’ feature was just there to help you locate your phone when it slipped down the side of the couch, think again. It turns out…

Security researchers are warning Android users to delete a fake VPN and streaming app that can let criminals take over their phones and drain their bank accounts. The app, Mobdro…

Oct 09, 2025Ravie LakshmananCyber Espionage / Artificial Intelligence A China-aligned threat actor codenamed UTA0388 has been attributed to a series of spear-phishing campaigns targeting North America, Asia, and Europe that…

Oct 09, 2025Ravie LakshmananMobile Security / Malware A rapidly evolving Android spyware campaign called ClayRat has targeted users in Russia using a mix of Telegram channels and lookalike phishing websites…

California’s 2025 legislative session closed with 14 new privacy and AI-related bills. We’d like to highlight a few of the most relevant signed bills and encourage other states and countries…

Oct 09, 2025Ravie LakshmananArtificial Intelligence / Malware Russian hackers’ adoption of artificial intelligence (AI) in cyber attacks against Ukraine has reached a new level in the first half of 2025…

The short answer is: probably not, but theoretically it’s possible. Researchers at the University of California found a method they called Mic-E-Mouse, which turns your computer mouse into a spy…

Cybersecurity researchers are calling attention to a nefarious campaign targeting WordPress sites to make malicious JavaScript injections that are designed to redirect users to sketchy sites. “Site visitors get injected…

The BBC reported on modeling scams targeting older models. Modeling scams aren’t new, but it’s worth looking at how they spread today, how to spot them, and—most importantly—how to avoid…

Oct 08, 2025The Hacker NewsPassword Security / Cyber Attacks Every year, weak passwords lead to millions in losses — and many of those breaches could have been stopped. Attackers don’t…

You get a message from a Discord friend. Or maybe an unknown indie developer reaches out to you. “Can you test my game?” they ask.  The webpage they send over…

Artificial intelligence is reshaping cybersecurity on both sides of the battlefield. Cybercriminals are using AI-powered tools to accelerate and automate attacks at a scale defenders have never faced before. Security…

Popular social platform Discord has suffered a data breach—though technically, it wasn’t Discord itself that was hacked. A third-party customer support provider was compromised, allowing attackers to access Discord’s user…

Phishers and scammers can’t get enough of sending their feeble attempts to Malwarebytes’ employees. For which we can’t thank them enough because it means we can warn you, our readers….

Oct 07, 2025Ravie LakshmananMalware / Threat Intelligence A Vietnamese threat actor named BatShadow has been attributed to a new campaign that leverages social engineering tactics to deceive job seekers and…

In December 2024, CPAP Medical Supplies and Services Inc. (CPAP), a Jacksonville—a Florida-based provider of sleep therapy services and CPAP machines—experienced a cybersecurity incident that compromised the personal data of…

For years, security leaders have treated artificial intelligence as an “emerging” technology, something to keep an eye on but not yet mission-critical. A new Enterprise AI and SaaS Data Security…

Oct 07, 2025Ravie LakshmananCyber Attack / Ransomware CrowdStrike on Monday said it’s attributing the exploitation of a recently disclosed security flaw in Oracle E-Business Suite with moderate confidence to a…

While two-factor authentication (2FA) is not completely fool-proof, it is one of the best ways to protect your accounts from hackers. It adds an extra step when logging in, which…

In a very recent and well-targeted phishing attempt, scammers tried to get hold of the 1Password credentials belonging to a Malwarebytes’ employee. Stealing someone’s 1Password login would be like hitting…

Oct 06, 2025Ravie LakshmananNetwork Security / Cyber Espionage A Chinese company named the Beijing Institute of Electronics Technology and Application (BIETA) has been assessed to be likely led by the…

This week on the Lock and Code podcast… “Connection” was the promise—and goal—of much of the early internet. No longer would people be separated from vital resources and news that…

In the era of rapidly advancing artificial intelligence (AI) and cloud technologies, organizations are increasingly implementing security measures to protect sensitive data and ensure regulatory compliance. Among these measures, AI-SPM…

October 3, 2025 – After posting children’s photos online and issuing ransom demands, cybercriminals targeting Kido nurseries say they’ve erased the stolen data. October 2, 2025 – Meta has announced…

Oct 06, 2025Ravie LakshmananEmail Security / Zero-Day A now patched security vulnerability in Zimbra Collaboration was exploited as a zero-day earlier this year in cyber attacks targeting the Brazilian military….