Last week on Malwarebytes Labs:
- CISA warns ASUS Live Update backdoor is still exploitable, seven years on
- The ghosts of WhatsApp: How GhostPairing hijacks accounts
- Chrome extension slurps up AI chats after users installed it for privacy
- Two Chrome flaws could be triggered by simply browsing the web: Update now
- Inside a purchase order PDF phishing campaign
- SoundCloud, Pornhub, and 700Credit all reported data breaches, but the similarities end there
- Android mobile adware surges in second half of 2025
- Photo booth flaw exposes people’s private pictures online
- Google is discontinuing its dark web report: why it matters
- Pig butchering is the next “humanitarian global crisis” (Lock and Code S06E25)
- PayPal closes loophole that let scammers send real emails with fake purchase notices
On the ThreatDown blog:
Stay safe!
We don’t just report on threats—we help safeguard your entire digital identity
Cybersecurity risks should never spread beyond a headline. Protect your, and your family’s, personal information by using identity protection.
