Google fixes two actively exploited zero-day vulnerabilities in Android
Google has patched 62 vulnerabilities in Android, including two actively exploited zero-days in its April 2025 Android Security Bulletin. When we say “zero-day” we mean…
Category: MalwareBytes
Is your phone listening to you? (Lock and Code S06E07)
This week on the Lock and Code podcast… It has probably happened to you before. You and a friend are talking—not texting, not DMing, not…
Toll fee scams are back and heading your way
Back in August 2024, we warned about a relatively new type of SMS phishing (or smishing) scam that was doing the rounds. Now a new…
Flaw in Verizon call record requests put millions of Americans at risk
Security researcher Evan Connelly discovered an enormous flaw affecting one of the largest telecommunications companies in the world that could allow any single person to…
Popular VPNs are routing traffic via Chinese companies, including one with link to military
Up to one in five of the most popular mobile VPNs for iOS last year are owned by Chinese companies that do their best to…
QR codes sent in attachments are the new favorite for phishers
Recently we’ve been seeing quite a few phishing campaigns using QR codes in email attachments. The lure and the targets are varied, but the use…
Location, name, and photos of random kids shown to parents in child tracker mix up
Not one but several worried parents that tracked their children by using T-Mobile tracking devices suddenly found that they were looking at the location of…
“Nudify” deepfakes stored unprotected online
Yesterday, we told you about how millions of pictures from specialized dating apps had been stored online without any kind of password protection. Now it’s…
Intimate images from kink and LGBTQ+ dating apps left exposed online
A researcher found millions of pictures from specialized dating apps for iOS stored online without any kind of password protection. The pictures, some of which…
“Urgent reminder” tax scam wants to phish your Microsoft credentials
Tax season is in full force, and with the filing deadline fast approaching on April 15, scammers are happy to use that sense of urgency…
Why we’re no longer doing April Fools’ Day
The internet is filled with falsehoods. We’re forever investigating new scams here at Malwarebytes, and so we get how hard it is to know what—or…
Vulnerability in most browsers abused in targeted attacks
Researchers found a vulnerability in Chrome that was abused in the wild against organizations in Russia. Google has released an update for its Chrome browser…