Real Apple notifications are being used to drive tech support scams Scammers have found a way to abuse legitimate Apple notification emails to trick people into calling fake tech support numbers.

Real Apple notifications are being used to drive tech support scams. Malwarebytes Labs: www.malwarebytes.com/blog/news/20...

Mythos: An AI tool too powerful for public release Anthropic is keeping Mythos out of public hands, with limited access for select organizations over fears it could be misused.

Mythos: An AI tool too powerful for public release. Malwarebytes Labs www.malwarebytes.com/blog/news/20...

This old-school scam is still working We sent Tess to investigate a classic Nigerian advance-fee scam with a new twist. Sadly, these old scams are still in play because they work.

This old-school scam is still working. Malwarebytes Labs www.malwarebytes.com/blog/news/20...

“Your shipment has arrived” email hides remote access software This DHL-themed email tries to get recipients to install remote access software attackers can use to deploy further malware, including ransomware.

“Your shipment has arrived” email hides remote access software. Malwarebytes Labs: www.malwarebytes.com/blog/news/20...

Credit Resources Vault: Why this credit email set off our scam alarms Inside a targeted email campaign that funnels the most vulnerable financial people into handing over sensitive data, and signing up for weekly fees.

Credit Resources Vault: Why this credit email set off our scam alarms for Malwarebytes Labs www.malwarebytes.com/blog/news/20...

April Patch Tuesday fixes two zero-days, including one under active attack This month’s Patch Tuesday addresses 167 vulnerabilities, including two zero-days that could lead to system compromise, data exposure, and privilege escalation.

April Patch Tuesday fixes two zero-days, including one under active attack for Malwarebytes Labs www.malwarebytes.com/blog/news/20...

Omnistealer uses the blockchain to steal everything it can This malware is coming for your password managers, saved logins, cloud storage, crypto wallets, and just about anything else it can reach.

Omnistealer uses the blockchain to steal everything it can Malwarebytes Labs www.malwarebytes.com/blog/news/20...

Simply opening a PDF could trigger this Adobe Reader zero-day Even though it’s patched, Adobe confirmed it was exploited in the wild, so updating is urgent, not optional.

Simply opening a PDF could trigger this Adobe Reader zero-day for Malwarebytes Labs www.malwarebytes.com/blog/news/20...

ClickFix finds a new way to infect Macs ClickFix campaigns have found a way around macOS Tahoe's warnings against pasting commands in the Terminal. They're using Script Editor instead.

ClickFix finds a new way to infect Macs for Malwarebytes Labs www.malwarebytes.com/blog/news/20...

Scammers pose as Amazon support to steal your account for Malwarebytes Labs www.malwarebytes.com/blog/news/20...

A new wave of Amazon refund scams is spreading, hitting both email inboxes and text messages.

NSFW app leak exposes 70,000 prompts linked to individual users for Malwarebytes Labs www.malwarebytes.com/blog/news/20...

Russian hacking group targets home and small office routers to spy on users The FBI, NCSC, and Microsoft warn of an ongoing Russian campaign hijacking DNS settings on home and small office routers to spy on users.

Russian hacking group targets home and small office routers to spy on users for Malwarebytes Labs www.malwarebytes.com/blog/news/20...

Traffic violation scams swap links for QR codes to steal your card details Phishers are using QR codes on official-looking notices to level up their traffic and toll scams.

Traffic violation scams swap links for QR codes to steal your card details for Malwarebytes Labs www.malwarebytes.com/blog/news/20...

Apple expands “DarkSword” patches to iOS 18.7.7 Apple has quietly expanded patches against the vulnerabilities in the DarkSword exploit kit to include iOS and iPadOS 18.7.7

Apple expands “DarkSword” patches to iOS 18.7.7 for Malwarebytes Labs www.malwarebytes.com/blog/news/20...

WhatsApp on Windows users targeted in new campaign, warns Microsoft Microsoft warns WhatsApp on Windows users about an ongoing campaign that tries to gain permanent access to your machine

WhatsApp on Windows users targeted in new campaign, warns Microsoft for Malwarebytes Labs www.malwarebytes.com/blog/news/20...

Axios supply chain attack chops away at npm trust Developers using the axios package from npm may have downloaded a malicous version that drops a Remote Access Trojan

Axios supply chain attack chops away at npm trust for Malwarebytes Labs www.malwarebytes.com/blog/news/20...

New macOS security feature will alert users about possible ClickFix attacks Apple introduced an extra layer of protection against ClickFix attacks, only for macOS Tahoe 26.4 and later

New macOS security feature will alert users about possible ClickFix attacks for Malwarebytes Labs www.malwarebytes.com/blog/news/20...

Criminals are renting virtual phones to bypass bank security Not a real phone, but good enough to fool your bank. Researchers warn criminals are using virtual devices to bypass fraud checks.

Criminals are renting virtual phones to bypass bank security for Malwarebytes Labs www.malwarebytes.com/blog/news/20...

GlassWorm attack installs fake browser extension for surveillance It hides inside developer tools, then monitors activity and steals data, turning a single infection into a wider risk across the supply chain.

GlassWorm attack installs fake browser extension for surveillance for Malwarebytes Labs www.malwarebytes.com/blog/news/20...

New FCC router ban could leave home networks less secure The FCC announced a ban on routers made outside the US, but it could backfire. Here’s the real risk, and what you can do about it.

New FCC router ban could leave home networks less secure for Malwarebytes Labs www.malwarebytes.com/blog/news/20...

Meet Khaled Mohamed: the bug hunter who found a Microsoft flaw We talked to Khaled Mohamed on going from “script kiddie” to bug bounty hunter, and the moment he uncovered a flaw in Microsoft Authenticator.

Meet Khaled Mohamed: the bug hunter who found a Microsoft flaw for Malwarebytes Labs www.malwarebytes.com/blog/bugs/20...

FBI, CISA warn of Russian hackers hijacking Signal and WhatsApp accounts The FBI and CISA join European agencies in warning of a widespread, easily scalable social engineering campaign targeting messaging apps.

FBI, CISA warn of Russian hackers hijacking Signal and WhatsApp accounts for Malwarebytes Labs www.malwarebytes.com/blog/news/20...

Advanced Flow will make Android sideloading safer Google’s new Advanced Flow aims to make sideloading safer on Android by slowing down scam-driven installs.

Advanced Flow will make Android sideloading safer for Malwarebytes Labs www.malwarebytes.com/blog/news/20...

Could your face change what you pay? NYC wants limits on biometric tracking NYC lawmakers are pushing to rein in biometric tracking before it turns into real-world surveillance pricing and customer profiling.

Could your face change what you pay? NYC wants limits on biometric tracking for Malwarebytes Labs www.malwarebytes.com/blog/news/20...

A DarkSword hangs over unpatched iPhones Researchers have identified multiple state-level attacks using DarkSword, a chain of vulnerabilities, to infect unpatches iPhones.

A DarkSword hangs over unpatched iPhones for Malwarebytes Labs www.malwarebytes.com/blog/mobile/...

Researchers found font-rendering trick to hide malicious commands Researchers found a way to trick AI assistants into missing dangerous user instructions on a website.

Researchers found font-rendering trick to hide malicious commands for Malwarebytes Labs www.malwarebytes.com/blog/news/20...

Apple patches WebKit bug that could let sites access your data Apple has released a Background Security Improvement that silently fixes a WebKit vulnerability (CVE-2026-20643).

Apple patches WebKit bug that could let sites access your data for Malwarebytes Labs www.malwarebytes.com/blog/news/20...

Zombie ZIP method can fool antivirus during the first scan Researchers published about the Zombie ZIP vulnerability (or not a vulnerability, that's up for debate) that can bypass a first AV inspection.

Zombie ZIP method can fool antivirus during the first scan for Malwarebytes Labs www.malwarebytes.com/blog/news/20...

Apple patches Coruna exploit kit flaws for older iOS versions Apple issued security updates for older iOS and iPadOS versions to close vulnerabilities exploited by the Coruna exploit kit.

Apple patches Coruna exploit kit flaws for older iOS versions for Malwarebytes Labs www.malwarebytes.com/blog/news/20...

This Android vulnerability can break your lock screen in under 60 seconds Researchers showed how attackers could pull encryption keys, recover the PIN, and access sensitive data from affected devices.

This Android vulnerability can break your lock screen in under 60 seconds for Malwarebytes Labs www.malwarebytes.com/blog/news/20...