Apple patches WebKit bug that could let sites access your data
Apple has released a Background Security Improvement to patch a flaw that could allow malicious websites to bypass browser protections and access data from other…
Category: MalwareBytes
Inside a network of 20,000+ fake shops
We mapped a sprawling fake shop operation of over 20,000 domains, dozens of shared IP addresses and identical storefronts with different names pasted on top.…
Google cracks down on Android apps abusing accessibility
Google just dropped a bombshell for app developers with the latest version of its Android mobile operating system. The company can now prevent apps from…
How searching for a VPN could mean handing over your work login details
This blog is about how trying to do the “right thing” can lead you straight into a trap. People searching for a VPN ended up…
Fake Pudgy World site steals your crypto passwords
A phishing site impersonating the newly-launched Pudgy World browser game is targeting crypto users with a technique that goes well beyond a convincing logo and…
90% of people don’t trust AI with their data
AI didn’t sneak into our lives. It burst through the door, took a seat at the table, and started finishing our sentences. Instead of a…
Delete doesn’t mean gone. Here’s how File Shredder fixes that
You have done it a thousand times. Right-click. Delete. Empty Trash. Done. Except it’s not done. That file, your tax return, your private photos, that…
Zombie ZIP method can fool antivirus during the first scan
A researcher published “Zombie ZIP,” a simple way to change the first part (header) of a ZIP file so it falsely claims its contents are uncompressed while…
Hacked sites deliver Vidar infostealer to Windows users
In recent years, ClickFix and fake CAPTCHA techniques have become a popular way for cybercriminals to distribute malware. Instead of exploiting a technical vulnerability, these…
Meta rolls out anti-scam tools across WhatsApp, Facebook, and Messenger
Meta has rolled out more anti-scam protections across WhatsApp, Facebook, and Messenger to fight sophisticated fraud tactics. The features will help stop celebrity impersonators and…
Microsoft Authenticator could leak login codes—update your app now
A vulnerability in Microsoft Authenticator for both iOS and Android (CVE-2026-26123) could leak your one-time sign-in codes or authentication deep links to a malicious app…
This Android vulnerability can break your lock screen in under 60 seconds
A vulnerability in Android devices can allow attackers to gain access to a phone in less than a minute. The vulnerability, tracked as CVE-2026-20435, affects…