March 2026 Patch Tuesday fixes two zero-day vulnerabilities
Microsoft releases important security updates on the second Tuesday of every month, known as Patch Tuesday. This month’s update fixes 79 Microsoft CVEs including two…
Category: MalwareBytes
How to see your Google Search history (and delete it)
Your Google Search history provides one of the most detailed windows into your private life, and I know this because when I looked at my…
Hackers may have breached FBI wiretap network via supply chain
Investigators are worried that a recent attack on a critical FBI system was more than just a random hit, and that another nation-state might have…
Signal and WhatsApp accounts targeted in phishing campaign
Dutch intelligence services AIVD and MIVD warn that Russian state‑backed hackers are running a large‑scale campaign to break into Signal and WhatsApp accounts of high‑value…
Quiz sites trick users into enabling unwanted browser notifications
Our support team flagged a number of customers who suspected their device might be infected with malware, but Malwarebytes scans came up empty. When the…
Fake Claude Code install pages hit Windows and Mac users with infostealers
Attackers are cloning install pages for popular tools like Claude Code and swapping the “one‑liner” install commands with malware, mainly to steal passwords, cookies, sessions,…
Ring doorbells: Won’t you see my neighbor? (Lock and Code S07E05)
This week on the Lock and Code podcast… On February 8, during the Super Bowl in the United States, countless owners of one of the…
Public Google API keys can be used to expose Gemini AI data
Google Maps/Cloud API (Application Programming Interface) keys that used to be safe to publish can now, in many cases, be used as real Gemini AI…
Purchase order attachment isn’t a PDF. It’s phishing for your password
An attachment named New PO 500PCS.pdf.hTM, posing as a purchase order in PDF form, turned out to be something entirely different: a credential-harvesting web page that…
A fake FileZilla site hosts a malicious download
A trojanized copy of the open-source FTP client FileZilla 3.69.5 is circulating online. The archive contains the legitimate FileZilla application, but with a single malicious…
Samsung TVs stop spying on viewers in Texas. Here’s how to disable ACR anywhere
Samsung has settled a lawsuit with the Texas Attorney General over how its smart TVs collect and monetize viewing data using Automated Content Recognition (ACR).…
Chrome flaw let extensions hijack Gemini’s camera, mic, and file access
Chrome’s Gemini “Live in Chrome” panel (Gemini’s embedded, agent-style assistant mode within Chrome) had a high‑severity vulnerability tracked as CVE‑2026‑0628. The flaw let a low‑privilege…