An AI plush toy exposed thousands of private chats with children
Bondu’s AI plush toy exposed a web console that let anyone with a Gmail account read about 50,000 private chats between children and their cuddly…
Category: MalwareBytes
Apple’s new iOS setting addresses a hidden layer of location tracking
Most iPhone owners have hopefully learned to manage app permissions by now, including allowing location access. But there’s another layer of location tracking that operates…
AT&T breach data resurfaces with new risks for customers
When data resurfaces, it never comes back weaker. A newly shared dataset tied to AT&T shows just how much more dangerous an “old” breach can…
A fake cloud storage alert that ends at Freecash
Last week we talked about an app that promises users they can make money testing games, or even just by scrolling through TikTok. Imagine our…
How Manifest v3 forced us to rethink Browser Guard, and why that’s a good thing
As a Browser Guard user, you might not have noticed much difference lately. Browser Guard still blocks scams and phishing attempts just like always, and,…
Scam-checking just got easier: Malwarebytes is now in ChatGPT
If you’ve ever stared at a suspicious text, email, or link and thought “Is this a scam… or am I overthinking it?” Well, you’re not alone. Scams are getting harder to spot, and…
How fake party invitations are being used to install remote access tools
“You’re invited!” It sounds friendly, familiar and quite harmless. But in a scam we recently spotted, that simple phrase is being used to trick victims into installing a full remote access tool on their Windows computers—giving attackers complete control…
Match, Hinge, OkCupid, and Panera Bread breached by ransomware group
The ShinyHunters ransomware group has claimed the theft of data containing 10 million records belonging to the Match Group and 14 million records from bakery-café…
TikTok’s privacy update mentions immigration status. Here’s why.
In 2026, could any five words be more chilling than “We’re changing our privacy terms?” The timing could not have been worse for TikTok US…
Meta confirms it’s working on premium subscription for its apps
Meta plans to test exclusive features that will be incorporated in paid versions of Facebook, Instagram, and WhatsApp. It confirmed these plans to TechCrunch. But…
Microsoft Office zero-day lets malicious documents slip past security checks
Microsoft issued an emergency patch for a high-severity zero-day vulnerability in Office that allows attackers to bypass document security checks and is being exploited in…
Clawdbot’s rename to Moltbot sparks impersonation campaign
After the viral AI assistant Clawdbot was forced to rename to Moltbot due to a trademark dispute, opportunists moved quickly. Within days, typosquat domains and…