Bugs | Malwarebytes Blog

Personal
< Products
Device Protection & Antivirus
Premium Security Antivirus
Mobile Security for Android & iOS
Identity Protection
Identity Theft Protection
Personal Data Remover
Digital Footprint Scanner
Privacy Protection
Privacy VPN
Browser Guard
AdwCleaner
Have a current computer infection?
Free Virus Scan
Worried it’s a scam?
Free Scam Guard tool
Try our antivirus with a free, full-featured 14-day trial
Free Antivirus
Get your free digital security toolkit
Explore all free tools

Find the right cyberprotection for you
Compare plans and pricing
Business

< Business

Teams
Protect small & home offices – no IT expertise needed
ThreatDown
Award-winning endpoint security for small and medium businesses
Pricing

< Pricing

Personal pricing
Protect your personal devices and data
Small or home office pricing
Protect your team’s devices and data – no IT skills needed
Corporate pricing
Explore award-winning endpoint security for your business
Partners
Resources
< Resources
Security terms glossary
Threat Center
Cybersecurity News
About Malwarebytes
Press
Careers
Cybersecurity Resource Center
Antivirus
Malware
Phishing
Ransomware
Small business hub
See all articles
Help

< Support

Malwarebytes Help Center
Malwarebytes and Teams Customers
ThreatDown Business Support
Nebula and Oneview Customers
Community Forums

BUGS

CISA warns ASUS Live Update backdoor is still exploitable, seven years on

December 19, 2025

Seven years after the original attack, CISA has added the ASUS Live Update backdoor to its Known Exploited Vulnerabilities catalog.

Two Chrome flaws could be triggered by simply browsing the web: Update now

December 17, 2025

Google's patched two flaws in Chrome, both of which can be triggered remotely when a user loads specially crafted web content.

[Updated] Another Chrome zero-day under attack: update now

December 11, 2025

If we’re lucky, this update will close out 2025’s run of Chrome zero-days. This one is a V8 type-confusion issue already being exploited in the wild.

December Patch Tuesday fixes three zero-days, including one that hijacks Windows devices

December 10, 2025

The update patches three zero-days and introduces a new PowerShell warning meant to help you avoid accidentally running unsafe code from the web.

Update Chrome now: Google fixes 13 security issues affecting billions

December 4, 2025

Google has pushed out a Chrome update with 13 security fixes, including a high-severity flaw in Digital Credentials.

How CVSS v4.0 works: characterizing and scoring vulnerabilities

November 28, 2025

This blog explains why vulnerability scoring matters, how CVSS works, and what’s new in version 4.0.

Chrome zero-day under active attack: visiting the wrong site could hijack your browser

November 18, 2025

Google has released an update to patch two high-severity vulnerabilities, one of which is already under active exploitation.

Update now: November Patch Tuesday fixes Windows zero-day exploited in the wild

November 12, 2025

This month’s Windows update closes several major security holes, including one that’s already being used by attackers. Make sure your PC is up to date.

Samsung zero-day lets attackers take over your phone

November 11, 2025

A critical vulnerability that affects Samsung mobile devices was exploited in the wild to distribute LANDFALL spyware.

1 2 3 … 46 Next