Malwarebytes Labs – The Security Blog From Malwarebytes | Malwarebytes Labs Scams Purchase order attachment isn’t a PDF. It’s phishing for your password March 2, 2026 – A fake purchase order attachment turned out to be a phishing page designed to harvest your login details. AI Public Google API keys can be used to expose Gemini AI data News The Conduent breach; from 10 million to 25 million (and counting) Privacy Inside a fake Google security check that becomes a browser RAT How to How to understand and avoid Advanced Persistent Threats PODCAST Podcast Our bi-weekly podcast of the latest security headlines and in-depth interviews with guests VIEW EPISODES AI AI If the robots are taking over, you'll want to know about it. READ MORE Data Breaches Data breaches Keep on top of the latest data breach news. READ MORE Threat Intelligence Threat Intel Stay up to date with the latest research and threat intelligence reports. READ MORE Purchase order attachment isn’t a PDF. It’s phishing for your password Pieter Arntz March 2, 2026 0 Comments A fake purchase order attachment turned out to be a phishing page designed to harvest your login details. A week in security (February 23 – March 1) Malwarebytes Labs March 2, 2026 0 Comments A list of topics we covered in the week of February 23 to March 1 of 2026 Public Google API keys can be used to expose Gemini AI data Pieter Arntz February 27, 2026 0 Comments Researchers found that Google API keys long treated as harmless can now unlock access to Gemini. Inside a fake Google security check that becomes a browser RAT Stefan Dasic February 27, 2026 0 Comments Disguised as a security check, this fake Google alert uses browser permissions to harvest contacts, location data, and more. Fake Zoom and Google Meet scams install Teramind: A technical deep dive Stefan Dasic February 26, 2026 0 Comments Attackers don’t always need custom malware. Sometimes they just need a trusted brand and a legitimate tool. How to understand and avoid Advanced Persistent Threats Pieter Arntz February 26, 2026 0 Comments APT stands for Advanced Persistent Threat. But what does that actually mean, and how does it translate into the kind of threat you’re facing? The Conduent breach; from 10 million to 25 million (and counting) Pieter Arntz February 26, 2026 0 Comments A third-party breach at Conduent now affects 25 million Americans—many never knew their data flowed through its systems. Instagram flagged explicit messages to minors in 2018. Image-blurring arrived six years later Danny Bradbury February 26, 2026 0 Comments Unsealed court records reveal Instagram executives discussed explicit messages to teens years before a blur feature was introduced. Developer creates app to detect nearby smart glasses Pieter Arntz February 25, 2026 0 Comments A developer created an Android app that looks for nearby smart glasses. It's not perfect, but it can help people in certian circumstances. 1 2 3 … 606 Next Contributors Threat Center Podcast Glossary Scams
