Malwarebytes Labs – The Security Blog From Malwarebytes | Malwarebytes Labs Threat Intel A fake FileZilla site hosts a malicious download March 2, 2026 – A tampered copy of FileZilla quietly contacts attacker-controlled servers using encrypted DNS traffic that can slip past traditional monitoring. News Samsung TVs stop spying on viewers in Texas. Here’s how to disable ACR anywhere Scams Purchase order attachment isn’t a PDF. It’s phishing for your password AI Public Google API keys can be used to expose Gemini AI data News The Conduent breach; from 10 million to 25 million (and counting) PODCAST Podcast Our bi-weekly podcast of the latest security headlines and in-depth interviews with guests VIEW EPISODES AI AI If the robots are taking over, you'll want to know about it. READ MORE Data Breaches Data breaches Keep on top of the latest data breach news. READ MORE Threat Intelligence Threat Intel Stay up to date with the latest research and threat intelligence reports. READ MORE Samsung TVs stop spying on viewers in Texas. Here’s how to disable ACR anywhere Pieter Arntz March 2, 2026 0 Comments As Samsung settles a lawsuit over how its smart TVs collect and monetize viewing data using ACR, here's how the rest of us can limit the data we're sharing. A fake FileZilla site hosts a malicious download Stefan Dasic March 2, 2026 0 Comments A tampered copy of FileZilla quietly contacts attacker-controlled servers using encrypted DNS traffic that can slip past traditional monitoring. Purchase order attachment isn’t a PDF. It’s phishing for your password Pieter Arntz March 2, 2026 0 Comments A fake purchase order attachment turned out to be a phishing page designed to harvest your login details. A week in security (February 23 – March 1) Malwarebytes Labs March 2, 2026 0 Comments A list of topics we covered in the week of February 23 to March 1 of 2026 Public Google API keys can be used to expose Gemini AI data Pieter Arntz February 27, 2026 0 Comments Researchers found that Google API keys long treated as harmless can now unlock access to Gemini. Inside a fake Google security check that becomes a browser RAT Stefan Dasic February 27, 2026 0 Comments Disguised as a security check, this fake Google alert uses browser permissions to harvest contacts, location data, and more. Fake Zoom and Google Meet scams install Teramind: A technical deep dive Stefan Dasic February 26, 2026 0 Comments Attackers don’t always need custom malware. Sometimes they just need a trusted brand and a legitimate tool. How to understand and avoid Advanced Persistent Threats Pieter Arntz February 26, 2026 0 Comments APT stands for Advanced Persistent Threat. But what does that actually mean, and how does it translate into the kind of threat you’re facing? The Conduent breach; from 10 million to 25 million (and counting) Pieter Arntz February 26, 2026 0 Comments A third-party breach at Conduent now affects 25 million Americans—many never knew their data flowed through its systems. 1 2 3 … 606 Next Contributors Threat Center Podcast Glossary Scams
