The FBI is warning that cybercriminals are creating fake versions of its Internet Crime Complaint Center (IC3) website to trick people into sharing personal information.

Zelle transfers are instant and difficult to reverse, making them a common method for scammers to steal money from victims. Learn how to stay safe in our latest article. 👇

Most of the openly accessible AI chat agents have been barred from solving CAPTCHAs by their developers. But now researchers say they’ve found a way to get ChatGPT to solve image-based CAPTCHAs.

Them: "Security is expensive." Us:

ShadowLeak was an issue in OpenAI’s Deep Research project that attackers could exploit by simply sending an email to the target.

This raccoon is not out for your trash; it's after your data. The disrupted phishing campaign stole logins, cookies, and other sensitive information. Criminals use these to break into accounts, steal money, extort victims, or launch bigger cyberattacks.

‼️ Update your Chrome browser ‼️ Google has released an update for its Chrome browser to patch four security vulnerabilities.

You know you can download Malwarebytes on your Android or iPhone, right?🤔

Researchers have discovered a large fraud campaign on the Google Play Store. 224 malicious apps were downloaded over 38 million times and generated up to 2.3 billion ad requests per day.

Apple released iOS 18.7 and iOS 26, fixing dozens of vulnerabilities that could give attackers access to your sensitive data.

The US airline industry has been providing the government access to passenger records, and it has now been revealed that the number of records is much higher than previously thought.

🎣 Some AI chatbots are willing to create phishing messages that can be used to scam people.

“Children are hacking into their schools’ computer systems – and it may set them up for a life of cyber crime.”

🚫 Don’t fall for fake remote job offers. Scammers are taking advantage of job seekers with bogus remote jobs. Learn how to spot employment scams and get tips on how to stay safe in our latest article.

Discover how a "like" on the Fitbit app spiraled into years of financial hardship. Read the true story of how one woman lost her life savings to a scammer with our tips on how to keep your loved ones safe online.

Browsers like Chrome, Edge, and Firefox have been our traditional gateway to the internet. But a new generation of AI-powered browsers or “agentic browsers” have the internet asking: "Are AI browsers safe?"

AI chatbot apps are leaking user data for several reasons, but mostly because security is an afterthought.

The New York Blood Center’s (NYBC) suffered a ransomware attack in January, when an unauthorized party gained access to user data.

Scammers are sending out texts that claim to be from the Bureau of Motor Vehicles (BMV), saying that you have outstanding traffic tickets.

Japanese octogenarian promised the stars but left with a black hole in her wallet after “astronaut-in-distress" romance scam.

Weight loss scams aren't always a too good to be true social media post. They are also being sent via text message. Read our latest research on phishing domains hosting GLP-1 scams.

Plex warns users to reset their passwords after attackers access customer data.

Google ordered to pay $425M for misleading users about their online privacy.

Popeyes, Tim Hortons, Burger King platforms have “catastrophic” vulnerabilities, say hackers.

The lawsuit filed against Google alleges that the company misled users about the "Web & App Activity" setting, claiming that even after users disabled it, Google continued to collect app usage data, stating that it was anonymized.

Phishers are targeting PayPal users again, this time through iCloud Calendar invitations.

Dangerous dashcam data dump deeply disturbs drivers.

The popular online platform, which faced several lawsuits and criticism for not doing enough to protect kids, announced a plan to implement age estimation for all Roblox users.

Several Android VPN apps for sale on the Google Play Store have security flaws that allow others to snoop on their traffic. They’re also deceiving users about their ownership.

TP-Link has issued a warning about a botnet that exploits two vulnerabilities to infect small office and home routers, which are then used to attack Microsoft 365 accounts.

New feature alert! 🚨 Say hello to Malwarebytes Tools. 🛠️ Manage your startup apps, tweak your system, and protect your device with smarter firewall controls—all built-in to the Malwarebytes app and designed to keep your device running smoothly and securely. Available free for all Windows users.

‼️ Android users, update now ‼️ Google fixed 111 security issues in Android, including two serious flaws.

A highly sophisticated email scam is targeting PayPal users with the subject of “Set up your account profile," aiming to clean out your PayPal account. https://mwb.link/4p4Rek3

"These botnets use known vulnerabilities in internet-connected network equipment as hosts for their code and to infect other nearby devices." Malwarebytes's Researcher Pieter Arntz. Learn how cybercriminals are exploiting vulnerabilities in network devices to build powerful botnets in Metro.

Even outside of tax season, scammers are out to get your information.

Some scammers are selling ETA documents at exaggerated prices, and others are after your personal and financial data.

Two-step verification, or two-factor authentication, is one of the best ways to protect your WhatsApp account from hackers. Here's how you set it up.

WhatsApp has patched a vulnerability that was used alongside an Apple vulnerability in zero-click attacks. WhatsApp advised the affected users to perform a full factory reset of their phone to make sure they are rid of the malware.

Users are afraid that with AI integration and saving documents to the cloud, their work will be used to train artificial intelligence (AI) or that this is a Microsoft scheme to sell more cloud storage.

Everyone hates robocalls. And tracking down the scammers and spammers responsible for these calls can be challenging. So the FCC is taking a new approach: disconnecting over a thousand voice operators from the network for not taking measures to stop robocalls on their networks.

TheTruthSpy stalkerware is designed to be installed secretly on a victim’s Android phone. It then monitors the phone’s activities and sends the gathered information back to central servers, which may be vulnerable to attacks.

Google has removed 77 malicious apps from the Google Play Store. Before they were removed, researchers discovered the apps had been installed over 19 million times.

Prompt injection attacks could be coming to an AI browser near you. 🤖 Learn how “prompt injection” attacks work, how one team found a flaw in an agentic browser, and how to stay safe. 👇

Learn how a recent clickjacking attack targeted password managers and what you can do to stay secure. Read more. 👇

Grok, is it true?

‼️ If you're an Apple user, update your devices now ‼️ Apple has released security updates for iPhones, iPads, and Macs to fix a zero-day vulnerability (a vulnerability that Apple was previously unaware of) that is reportedly being used in targeted attacks.

Google has settled a lawsuit against YouTube for $30 million, but did not admit to collecting the data of minors for targeted advertising.

"AI-powered stuffed animals" is not a phrase we had on our 2025 bingo card, yet here we are.

Scammers posing as Google support call victims to steal their login credentials under the pretense of account recovery, aiming to take over the victim's account.

Instagram Map is a new feature—for Instagram, anyway—that users may have enabled without being fully aware of the consequences. The feature shares your current location with your friends.