News

Malwarebytes
malwarebytes.com > blog > news > 2026 > 03 > zombie-zip-method-can-fool-antivirus-during-the-first-scan

Zombie ZIP method can fool antivirus during the first scan

3+ hour, 28+ min ago  (558+ words) A researcher published "Zombie ZIP," a simple way to change the first part (header) of a ZIP file so it falsely claims its contents are "uncompressed" while they are actually compressed. Many antivirus products trust that header and never properly decompress or…...

Malwarebytes
malwarebytes.com > blog > threat-intel > 2026 > 03 > hacked-sites-deliver-vidar-infostealer-to-windows-users

Hacked sites deliver Vidar infostealer to Windows users

2+ hour, 22+ min ago  (683+ words) In recent years, ClickFix and fake CAPTCHA techniques have become a popular way for cybercriminals to distribute malware. Instead of exploiting a technical vulnerability, these attacks rely on convincing people to run malicious commands themselves. Our researchers have recently detected…...

Malwarebytes
malwarebytes.com > blog > news > 2026 > 03 > google-patches-two-chrome-zero-days-under-active-attack-update-now

Google patches two Chrome zero-days under active attack. Update now

3+ day, 6+ hour ago  (405+ words) Google has released an out-of-band security update for Chrome desktop that patches two high-severity zero-day vulnerabilities. Both bugs can be exploited remotely and require only that a user visit a malicious website. Because the attack complexity is low, the vulnerabilities…...

Malwarebytes
malwarebytes.com > blog > news > 2026 > 03 > this-android-vulnerability-can-break-your-lock-screen-in-under-60-seconds

This Android vulnerability can break your lock screen in under 60 seconds

4+ day, 6+ hour ago  (466+ words) A vulnerability in Android devices can allow attackers to gain access to a phone in less than a minute. The vulnerability, tracked as CVE-2026-20435, affects certain MediaTek SoCs (System-on-a-Chip) using Trustonic's TEE (Trusted Execution Environment). That may sound rare, but…...

Malwarebytes
malwarebytes.com > blog > news > 2026 > 03 > sextortion-i-recorded-you-emails-reuse-passwords-found-in-disposable-inboxes

Sextortion "I recorded you" emails reuse passwords found in disposable inboxes

5+ day, 4+ hour ago  (401+ words) Our malware removal support team recently flagged a new wave of sextortion emails, with the subject line: "You pervert, I recorded you!" If the message sounds familiar, that's because it's a variation of the long-running "Hello pervert" scam. The email…...

Malwarebytes
malwarebytes.com > blog > news > 2026 > 03 > march-2026-patch-tuesday-fixes-two-zero-day-vulnerabilities

March 2026 Patch Tuesday fixes two zero-day vulnerabilities

5+ day, 8+ hour ago  (306+ words) Microsoft releases important security updates on the second Tuesday of every month, known as Patch Tuesday. This month's update fixes 79 Microsoft CVEs including two zero-day vulnerabilities. Microsoft defines a zero-day as "a flaw in software for which no official patch…...

Malwarebytes
malwarebytes.com > blog > news > 2026 > 03 > signal-and-whatsapp-accounts-targeted-in-phishing-campaign

Signal and WhatsApp accounts targeted in phishing campaign

6+ day, 8+ hour ago  (819+ words) Dutch intelligence services AIVD and MIVD warn that Russian state-backed hackers are running a large-scale campaign to break into Signal and WhatsApp accounts of high-value targets. The targets are said to be senior officials, military personnel, civil servants, and journalists....

Malwarebytes
malwarebytes.com > blog > data-breaches > 2026 > 03 > hackers-may-have-breached-fbi-wiretap-network-via-supply-chain

Hackers may have breached FBI wiretap network via supply chain

6+ day, 8+ hour ago  (739+ words) Investigators are worried that a recent attack on a critical FBI system was more than just a random hit, and that another nation-state might have been involved. On February 17, the FBI flagged irregular network activity that led straight to its…...

Malwarebytes
malwarebytes.com > blog > news > 2026 > 03 > fake-claude-code-install-pages-hit-windows-and-mac-users-with-infostealers

Fake Claude Code install pages hit Windows and Mac users with infostealers

1+ week, 6+ hour ago  (520+ words) Attackers are cloning install pages for popular tools like Claude Code and swapping the "one-liner" install commands with malware, mainly to steal passwords, cookies, sessions, and access to developer environments. Researchers found that attackers abuse this workflow by keeping everything…...

Malwarebytes
malwarebytes.com > blog > threat-intel > 2026 > 03 > quiz-sites-trick-users-into-enabling-unwanted-browser-notifications

Quiz sites trick users into enabling unwanted browser notifications

1+ week, 5+ hour ago  (1063+ words) Our support team flagged a number of customers who suspected their device might be infected with malware, but Malwarebytes scans came up empty. When the customers provided screenshots, our Malware Removal Support team quickly recognized the format as web push…...