Fake LastPass maintenance emails target users
The LastPass Threat Intelligence, Mitigation, and Escalation (TIME) team has published a warning about an active phishing campaign in which fake “maintenance” emails pressure users…
Category: MalwareBytes
Under Armour ransomware breach: data of 72 million customers appears on the dark web
When reports first emerged in November 2025 that sportswear giant Under Armour had been hit by the Everest ransomware group, the story sounded depressingly familiar:…
Can you use too many LOLBins to drop some RATs?
Recently, our team came across an infection attempt that stood out—not for its sophistication, but for how determined the attacker was to take a “living…
Malicious Google Calendar invites could expose private data
Researchers found a way to weaponize calendar invites. They uncovered a vulnerability that allowed them to bypass Google Calendar’s privacy controls using a dormant payload…
Fake extension crashes browsers to trick users into infecting themselves
Researchers have found another method used in the spirit of ClickFix: CrashFix. ClickFix campaigns use convincing lures—historically “Human Verification” screens—to trick the user into pasting…
Google will pay $8.25m to settle child data-tracking allegations
Google has settled yet another class-action lawsuit accusing it of collecting children’s data and using it to target them with advertising. The tech giant will…
Firefox joins Chrome and Edge as sleeper extensions spy on users
A group of cybercriminals called DarkSpectre is believed to be behind three campaigns spread by malicious browser extensions: ShadyPanda, GhostPoster, and Zoom Stealer. We wrote…
WhisperPair exposes Bluetooth earbuds and headphones to tracking and eavesdropping
WhisperPair is a set of attacks that lets an attacker hijack many popular Bluetooth audio accessories that use Google Fast Pair and, in some cases,…
Dutch police sell fake tickets to show how easily scams work
If you can’t beat them, copy them. That seems to be the thinking behind an unusual campaign by the Dutch police, who set up a…
“Reprompt” attack lets attackers steal data from Microsoft Copilot
Researchers found a method to steal data which bypasses Microsoft Copilot’s built-in safety mechanisms. The attack flow, called Reprompt, abuses how Microsoft Copilot handled…
Phishing scammers are posting fake “account restricted” comments on LinkedIn
Recently, fake LinkedIn profiles have started posting comment replies claiming that a user has “engaged in activities that are not in compliance” with LinkedIn’s policies…
Online shoppers at risk as Magecart skimming hits major payment networks
Researchers have been tracking a Magecart campaign that targets several major payment providers, including American Express, Diners Club, Discover, and Mastercard. Magecart is an umbrella…