Meta's AI support bot was so committed to customer service that it helped hackers access Instagram accounts that didn't belong to them.

A new scam is targeting developers who publish Chrome extensions. The scam appears to be an official-looking copyright removal request, but is actually a phishing scam designed to steal your Google account. Read our research. https://bit.ly/43KuXhV

Why launch a noisy attack when cybercriminals can quietly steal credentials? Infostealers are becoming the weapon of choice in phishing campaigns.

You don't need another call about your car's extended warranty. Check if a number is safe or a scam with Malwarebytes Scam Number Check.

California has sued the former shell of DNA testing company 23andMe over alleged security failures and misleading statements surrounding its 2023 data breach.

Cybercriminals manage to buy advertising space and use it to defraud gamers.

A fake BlueWallet download tricks Mac users into running malware that steals passwords, crypto wallets, and clipboard data.

Whatchya gon do with all that junk All that junk inside your Android?

Bad news: cybercriminals are abusing Adobe infrastructure in a phishing campaign that appears to be a business inquiry via LinkedIn, but is actually a password stealer. Good news: Malwarebytes Browser Guard stops the scam before it starts. Check out our research.

Signal users are being targeted in a new phishing campaign. Cybercriminals are impersonating Signal Support to steal backup recovery keys, giving them access to every message the victim has ever sent.

Starting in June, Secure Boot certificates that have shipped inside Windows since 2011 begin to expire. Good news: You probably won’t need to do anything. Bad news: Some older devices may not receive the latest security updates. Here’s what’s going on and why it matters.

A convincing fake website is impersonating OpenAI’s ChatGPT download page and infecting visitors with malware designed to steal passwords, browser data, cryptocurrency wallets, and other sensitive information.

“Kali365” is a phishing-as-a-service (PhaaS) platform that enables even low-skilled attackers to hijack Microsoft 365 accounts by stealing access tokens. Here's how the attack works.

The FTC found that the “Active Listening” service was completely fake. It did not actually listen to conversations; instead, the company resold email lists from data brokers at a high markup.

We discovered fake installers impersonating popular software including ChatGPT, Claude, AutoTune, and Kontakt on GitHub and SourceForge distributing a Deno backdoor known as DinDoor. Attackers are using compromised YouTube channels to distribute links to the malicious software.

Hackers have hijacked 700+ real websites using a critical flaw in Ghost CMS. Visitors are shown a fake Cloudflare verification pop-up that tricks them into running a malicious Windows command.

Two former executives of call tracking and analytics company C.A. Cloud Attribution Ltd sold telephone numbers, call recordings, and call-forwarding services to scammers. https://bit.ly/4wQZYya

A new Chrome update includes fixes for two critical vulnerabilities that can be used for remote code execution just by visiting a malicious website.

Two Microsoft Defender vulnerabilities are being actively exploited in the wild.

Simply adding an age gate won’t create a safe online environment. Robust system design, including effective moderation, safer algorithms, and real accountability, will.

Spyware doesn’t just steal passwords. Some malicious apps access webcams to secretly spy on victims. Webcam Monitoring in Malwarebytes for Windows alerts you if a program tries to access your camera, so you can allow trusted programs or remove suspicious software.

Tech leaders: “AI agents will handle your taxes, groceries, everything.” Researchers: “Cool, we left them alone for two weeks.” Result: arson, assault, mass self-deletion, and one power couple burning down the virtual city hall before saying, “See you in the permanent archive.”

A service that signed digital certificates to help malicious installers appear to be legitimate software has been shut down.

Scammers offering a fake Aldi “meat box” trick victims into handing over personal and payment info. https://www.malwarebytes.com/blog/scams/2026/05/facebook-scam-promises-cheap-aldi-meat-boxes-steals-payment-info-instead?utm_campaign=brandsocial&utm_medium=social&utm_source=bluesky

A data breach at NYC Health + Hospitals has exposed the personal, medical, financial, and biometric information of 1.8 million people. Here's what to do if you're impacted.

Deepfakes are already here and becoming easier to make. So what’s the trade-off: share your face and ID for “protection,” or take the risk of being targeted? Not an easy choice.

Microsoft Edge will no longer load all saved passwords into memory at startup. Which begs the question: why did it in the first place?

If you downloaded the JDownloader installer between May 6 and 7, please verify the file. During this period, the Windows "Download Alternative Installer" links and the Linux shell installer were compromised.

Security-conscious users: don’t treat all Meta chats the same. WhatsApp still offers end-to-end encryption for personal messages, while Instagram DMs should now be assumed readable by Meta.

Some Yahoo Mail users may see repeated Malwarebytes alerts caused by background connections to suspicious third-party domains. Here’s why.

Experts are urging schools to take down identifiable photos of students, after AI deepfakes have led to sextortion cases at UK schools.

A lawsuit alleges Netflix secretly tracks and monetizes detailed viewing behavior of users, including children, while misleading users about its data practices.

Microsoft's Patch Tuesday doesn't fix any active zero days, but there are still 137 security fixes that shouldn't be ignored including 31 critical vulnerabilities.

Don't click sponsored ads. Don't click sponsored ads. Don't click sponsored ads. https://www.malwarebytes.com/blog/news/2026/05/fake-claude-search-results-lure-mac-users-into-clickfix-attack?utm_campaign=brandsocial&utm_medium=social&utm_source=bluesky

🚨 The threat is coming from inside the house: 1 in 8 employees at large companies have sold, or know someone who sold, their login credentials.

A researcher found he could remotely hijack thousands of Yarbo yard robots worldwide. He proved it by having his mower run over a reporter.

Days after Instructure confirmed the data breach, the ShinyHunters group has intensified its attacks, defacing school logins with a ransom message.

An AI powered investment scam involves over 15,000 domains. This scam uses cloaking and deepfakes to evade security tools while targeting ordinary users.

According to a UK report, age verification is now standard practice. Despite improvements in age-check technology, nearly half of children still reported experiencing online harm, including violent and hateful content.

Google Chrome has been quietly downloading a 4GB AI model onto users’ device. You didn't consent to it. If you delete it, Chrome downloads it again.

Ransomware group ShinyHunters claims to have stolen approximately 275 million records related to students, teachers, and staff in a data breach involving Instructure, the company that operates the Canvas learning management system.

You have four days left to enjoy encrypted chats on Instagram. Once May 8th rolls around, your chats will be visible to Meta.

WhatsApp users: update now. 💬 WhatsApp has fixed vulnerabilities that could be exploited for social engineering or combined with other flaws to enable more complex attacks.

This long-running phishing operation has been abusing trusted Google services to hijack tens of thousands of Facebook accounts. Businesses with ad accounts are especially vulnerable, as criminals can monetize these after gaining access to the business page.

A critical, actively exploited authentication-bypass bug in cPanel/WHM lets attackers gain admin access without credentials, allowing attackers to take over servers and all hosted sites.

If you're planning to visit the 2026 World Cup, expect a surge in scams and other risky World Cup-related activity.

Quarantining malware is cool, but what if you bite it?

Scammers have found a new way to steal from PayPal users by sending deceptive messages through PayPal’s legitimate services.

Free Roblox extensions can cost you your entire account. Here’s how hackers stole 600,000 accounts. (oof.wav)

Tipping our top hats to Talkie, the 13-billion-parameter language model trained on digital scans of English-language texts published before the end of 1930.