Bugs | Malwarebytes Blog

Personal
< Products
Device Protection & Antivirus
Premium Security Antivirus
Mobile Security for Android & iOS
Identity Protection
Identity Theft Protection
Personal Data Remover
Digital Footprint Scanner
Privacy Protection
Privacy VPN
Browser Guard
AdwCleaner
Have a current computer infection?
Free Virus Scan
Worried it’s a scam?
Free Scam Guard tool
Try our antivirus with a free, full-featured 14-day trial
Free Antivirus
Get your free digital security toolkit
Explore all free tools

Find the right cyberprotection for you
Compare plans and pricing
Business

< Business

Teams
Protect small & home offices – no IT expertise needed
ThreatDown
Award-winning endpoint security for small and medium businesses
Pricing

< Pricing

Personal pricing
Protect your personal devices and data
Small or home office pricing
Protect your team’s devices and data – no IT skills needed
Corporate pricing
Explore award-winning endpoint security for your business
Partners
Resources
< Resources
Security terms glossary
Threat Center
Cybersecurity News
About Malwarebytes
Press
Careers
Cybersecurity Resource Center
Antivirus
Malware
Phishing
Ransomware
Small business hub
See all articles
Help

< Support

Malwarebytes Help Center
Malwarebytes and Teams Customers
ThreatDown Business Support
Nebula and Oneview Customers
Community Forums

BUGS

earbuds

WhisperPair exposes Bluetooth earbuds and headphones to tracking and eavesdropping

January 16, 2026

Researchers demonstrated WhisperPair, a set of attacks that can take control of many widely used Bluetooth earbuds and headphones without user interaction.

Microsoft Copilot

“Reprompt” attack lets attackers steal data from Microsoft Copilot

January 15, 2026

Researchers uncovered a way to steal data from Microsoft Copilot users with a single malicious link.

liquid glass security fix

Why iPhone users should update and restart their devices now

January 13, 2026

Apple has confirmed active exploitation, but full protections are limited to iPhones running iOS 26+ (yes, the one with Liquid Glass).

HPE and Powerpoint logos

CISA warns of active attacks on HPE OneView and legacy PowerPoint

January 8, 2026

Two actively exploited flaws—one brand new, one 16 years old—have been added to CISA’s KEV catalog, signaling urgent patching.

CISA warns ASUS Live Update backdoor is still exploitable, seven years on

December 19, 2025

Seven years after the original attack, CISA has added the ASUS Live Update backdoor to its Known Exploited Vulnerabilities catalog.

Two Chrome flaws could be triggered by simply browsing the web: Update now

December 17, 2025

Google's patched two flaws in Chrome, both of which can be triggered remotely when a user loads specially crafted web content.

[Updated] Another Chrome zero-day under attack: update now

December 11, 2025

If we’re lucky, this update will close out 2025’s run of Chrome zero-days. This one is a V8 type-confusion issue already being exploited in the wild.

December Patch Tuesday fixes three zero-days, including one that hijacks Windows devices

December 10, 2025

The update patches three zero-days and introduces a new PowerShell warning meant to help you avoid accidentally running unsafe code from the web.

Intellexa Predator

Leaks show Intellexa burning zero-days to keep Predator spyware running

December 5, 2025

A fresh investigation uncovers how Predator spyware still reaches victims through high-priced, newly bought zero-days.

1 2 3 … 48 Next