Threat Intelligence News and Insights - Malwarebytes Blog

Personal
< Products
Device Protection & Antivirus
Premium Security Antivirus
Mobile Security for Android & iOS
Identity Protection
Identity Theft Protection
Personal Data Remover
Digital Footprint Scanner
Privacy Protection
Privacy VPN
Browser Guard
AdwCleaner
Have a current computer infection?
Free Virus Scan
Worried it’s a scam?
Free Scam Guard tool
Try our antivirus with a free, full-featured 14-day trial
Free Antivirus
Get your free digital security toolkit
Explore all free tools

Find the right cyberprotection for you
Compare plans and pricing
Business

< Business

Teams
Protect small & home offices – no IT expertise needed
ThreatDown
Award-winning endpoint security for small and medium businesses
Pricing

< Pricing

Personal pricing
Protect your personal devices and data
Small or home office pricing
Protect your team’s devices and data – no IT skills needed
Corporate pricing
Explore award-winning endpoint security for your business
Partners
Resources
< Resources
Security terms glossary
Threat Center
Blog – Cybersecurity News
About Malwarebytes
Press
Careers
Cybersecurity Resource Center
Antivirus
Malware
Phishing
Ransomware
Small business hub
See all articles
Help

< Support

Malwarebytes Help Center
Malwarebytes and Teams Customers
ThreatDown Business Support
Nebula and Oneview Customers
Community Forums

THREAT INTEL

One click on this fake Google Meet update can give attackers control of your PC

March 6, 2026

We found a fake Google Meet update that enrolls the victim's Windows PC in an attacker's device management system.

Fake CleanMyMac site downloads infostealer

Fake CleanMyMac site installs SHub Stealer and backdoors crypto wallets

March 6, 2026

We uncovered a fake CleanMyMac site delivering SHub Stealer, a macOS infostealer that steals credentials and silently backdoors crypto wallets.

Trojanized FileZilla

A fake FileZilla site hosts a malicious download

March 2, 2026

A tampered copy of FileZilla quietly contacts attacker-controlled servers using encrypted DNS traffic that can slip past traditional monitoring.

Purchase order attachment isn’t a PDF. It’s phishing for your password

March 2, 2026

A fake purchase order attachment turned out to be a phishing page designed to harvest your login details.

Inside a fake Google security check that becomes a browser RAT

February 27, 2026

Disguised as a security check, this fake Google alert uses browser permissions to harvest contacts, location data, and more.

Fake Zoom and Google Meet scams install Teramind: A technical deep dive

February 26, 2026

Attackers don’t always need custom malware. Sometimes they just need a trusted brand and a legitimate tool.

Fake Zoom meeting “update” silently installs unauthorized version of monitoring tool abused by cybercriminals to spy on victims

February 24, 2026

A fake Zoom meeting page looks real, triggers a bogus “update,” and silently installs a legitimate commercial monitoring product.

Fake Avast phishing site

Refund scam impersonates Avast to harvest credit card details

February 24, 2026

A convincing fake Avast site displays a €499.99 charge and promises a refund. Instead, it harvests your name, address, and full credit card details.

Fake Huorong security site infects users with ValleyRAT

February 23, 2026

One extra letter in the domain is all it takes to hand over remote control of your system.

1 2 3 … 79 Next