OpenClaw: What is it and can you use it safely?
An AI tool with a funny name has caused quite a commotion as of late—including some allegations of machine consciousness—so here is a breakdown on…
Category: MalwareBytes
Password managers keep your passwords safe, unless…
I’m a big advocate of password managers. Granted, there are better alternatives for passwords like passkeys, but if a provider offers nothing but password options,…
Fake Huorong security site infects users with ValleyRAT
A convincing lookalike of the popular Huorong Security antivirus has been used to deliver ValleyRAT, a sophisticated Remote Access Trojan (RAT) built on the Winos4.0…
What can’t you say on TikTok?
This week on the Lock and Code podcast… A funny thing happened on TikTok last month, and it has brought allegations of censorship, manipulation, and…
Age verification vendor Persona left frontend exposed
Three researchers investigating Discord’s age-verification checks say they discovered an exposed frontend belonging to Persona, the identity-verification vendor used by Discord. It revealed a far…
Facebook ads spread fake Windows 11 downloads that steal passwords and crypto wallets
Attackers are running paid Facebook ads that look like official Microsoft promotions, then directing users to near-perfect clones of the Windows 11 download page. Click…
AI-generated passwords are a security risk
Using Artificial Intelligence (AI) to generate your passwords is a bad idea. It’s likely to give that password to a criminal who can then use…
Intimate products producer Tenga spilled customer data
Tenga confirmed reports published by several outlets that the company notified customers of a data breach. The Japanese manufacturer of adult products appears to have…
Meta patents AI that could keep you posting from beyond the grave
Tech bros have been wanting to become immortal for years. Until they get there, their fallback might be continuing to post nonsense on social media…
Betterment data breach might be worse than we thought
Betterment LLC is an investment advisor registered with US Securities and Exchange Commission (SEC). The company disclosed a January 2026 incident in which an attacker…
Job scam uses fake Google Forms site to harvest Google logins
As part of our investigation into a job-themed phishing campaign, we came across several suspicious URLs that all looked like this: https://forms.google.ss-o[.]com/forms/d/e/{unique_id}/viewform?form=opportunitysec&promo= The subdomain forms.google.ss-o[.]com…
Scammers use fake “Gemini” AI chatbot to sell fake “Google Coin”
Scammers have found a new use for AI: creating custom chatbots posing as real AI assistants to pressure victims into buying worthless cryptocurrencies. We recently…