How AI made scams more convincing in 2025
This blog is part of a series where we highlight new or fast-evolving threats in consumer security. This one focuses on how AI is being…
Category: MalwareBytes
In 2025, age checks started locking people out of the internet
If 2024 was the year lawmakers talked about online age verification, 2025 was the year they actually flipped the switch. In 2025, across parts of…
2025 exposed the risks we ignored while rushing AI
This blog is part of a series where we highlight new or fast-evolving threats in the consumer security landscape. This one looks at how the…
Malware in 2025 spread far beyond Windows PCs
This blog is part of a series highlighting new and concerning trends we noticed over the last year. Trends matter because they almost always provide…
Hacktivists claim near-total Spotify music scrape
Hacktivist group Anna’s Archive claims to have scraped almost all of Spotify’s catalog and is now seeding it via BitTorrent, effectively turning a streaming platform…
Pornhub tells users to expect sextortion emails after data exposure
After a recent data breach that affected Pornhub Premium members, Pornhub has updated its online statement to warn users about potential direct contact from cybercriminals.…
CISA warns ASUS Live Update backdoor is still exploitable, seven years on
Recently, the Cybersecurity and Infrastructure Security Agency (CISA) added (along with two others) a vulnerability in ASUS Live Update to its catalog of Known Exploited…
The ghosts of WhatsApp: How GhostPairing hijacks accounts
Researchers have found an active campaign aimed at taking over WhatsApp accounts. They’ve called this attack GhostPairing because it tricks the victim into completing WhatsApp’s…
Chrome extension slurps up AI chats after users installed it for privacy
This case highlights a growing grey area in consumer privacy: data collection that is technically disclosed, but so far outside user expectations that most people…
Two Chrome flaws could be triggered by simply browsing the web: Update now
Google issued an extra patch addressing two security vulnerabilities in Chrome, both of which can be triggered remotely by an attacker when a user visits…
Inside a purchase order PDF phishing campaign
A PDF named “NEW Purchase Order # 52177236.pdf” turned out to be a phishing lure. So we analyzed the phishing script behind it. A customer…
Photo booth flaw exposes people’s private pictures online
Photo booths are great. You press a button and get instant results. The same can’t be said, allegedly, for the security practices of at least…