Microsoft won’t patch PhantomRPC: Feature or bug?
A researcher has discovered a weakness called PhantomRPC that Microsoft does not consider a vulnerability it plans to patch. PhantomRPC involves Windows Remote Procedure Call…
Category: MalwareBytes
Fake CAPTCHA scam turns a quick click into a costly phone bill
Researchers have documented a long‑running campaign that uses fake CAPTCHA pages to trick mobile users into sending dozens of international SMS messages in the background.…
Chinese engineer stole US military and NASA software for years
International espionage isn’t always about sophisticated malware and zero-day bugs. Sometimes it’s as simple as pretending to be someone else asking for a favor. For…
A week in security (April 20 – April 26)
Last week on Malwarebytes Labs: Medical data of 500,000 UK volunteers listed for sale on Alibaba How cyberattacks on companies affect everyone Apple fixes iOS…
Medical data of 500,000 UK volunteers listed for sale on Alibaba
Half a million Britons signed up to help cure cancer. Their data ended up for sale on Alibaba. The UK Biobank charity informed the British…
Roblox clamps down on chats and age checks as legal pressure builds
Roblox has long faced criticism over child safety on its platform. Now it has started settling with state attorneys over the issue, and the total…
How cyberattacks on companies affect everyone
If you use the internet, you’ve likely been affected by cybercrime in some way. Even when an attack is aimed at a company, the fallout…
Apple fixes iOS bug that kept deleted notifications, including chat previews
Apple has released a software update that deals with an issue that could allow deleted notifications to be retrieved. Something that, in at least one…
Malicious trading website drops malware that hands your browser to attackers
During our threat hunting, we found a campaign using the same malware loader from our previous research to deliver a different threat: Needle Stealer, data-stealing…
Researcher claims Claude Desktop installs “spyware” on macOS
Security researcher Alexander Hanff wrote an article titled Anthropic secretly installs spyware when you install Claude Desktop. Claims like that are bound to create two…
Real Apple notifications are being used to drive tech support scams
Scammers have found a way to abuse legitimate Apple account notification emails to trick targets into calling fake tech support numbers. According to a report…
Fake Google Antigravity downloads are stealing accounts in minutes
Somebody went looking for Google’s new Antigravity coding tool this week, clicked download, ran the installer, and got exactly what they thought they were getting.…