Malwarebytes Labs - The Security Blog From Malwarebytes | Malwarebytes Labs

Personal
< Products
Device Protection & Antivirus
Premium Security Antivirus
Mobile Security for Android & iOS
Identity Protection
Identity Theft Protection
Personal Data Remover
Digital Footprint Scanner
Privacy Protection
Privacy VPN
Browser Guard
AdwCleaner
Have a current computer infection?
Free Virus Scan
Worried it’s a scam?
Free Scam Guard tool
Try our antivirus with a free, full-featured 14-day trial
Free Antivirus
Get your free digital security toolkit
Explore all free tools

Find the right cyberprotection for you
Compare plans and pricing
Business

< Business

Teams
Protect small & home offices – no IT expertise needed
ThreatDown
Award-winning endpoint security for small and medium businesses
Pricing

< Pricing

Personal pricing
Protect your personal devices and data
Small or home office pricing
Protect your team’s devices and data – no IT skills needed
Corporate pricing
Explore award-winning endpoint security for your business
Partners
Resources
< Resources
Security terms glossary
Threat Center
Blog – Cybersecurity News
About Malwarebytes
Press
Careers
Cybersecurity Resource Center
Antivirus
Malware
Phishing
Ransomware
Small business hub
See all articles
Help

< Support

Malwarebytes Help Center
Malwarebytes and Teams Customers
ThreatDown Business Support
Nebula and Oneview Customers
Community Forums

Trojanized FileZilla

Threat Intel

A fake FileZilla site hosts a malicious download

March 2, 2026 – A tampered copy of FileZilla quietly contacts attacker-controlled servers using encrypted DNS traffic that can slip past traditional monitoring.

Smart TV

News

Samsung TVs stop spying on viewers in Texas. Here’s how to disable ACR anywhere

Scams

Purchase order attachment isn’t a PDF. It’s phishing for your password

AI

Public Google API keys can be used to expose Gemini AI data

Conduent and major clients logos

News

The Conduent breach; from 10 million to 25 million (and counting)

Lock and Code podcast

PODCAST

Podcast

Our bi-weekly podcast of the latest security headlines and in-depth interviews with guests

VIEW EPISODES

AI news

AI

AI

If the robots are taking over, you'll want to know about it.

READ MORE

Data breach news

Data Breaches

Data breaches

Keep on top of the latest data breach news.

READ MORE

Threat Intelligence

Threat Intel

Stay up to date with the latest research and threat intelligence reports.

READ MORE

week in security

A week in security (February 16 – February 22)

Malwarebytes Labs

February 23, 2026

0 Comments

A list of topics we covered in the week of February 16 to February 22 of 2026

An illustrated padlock is mounted into a microphone stand with sound waves emitting from the device.

What can’t you say on TikTok?

Malwarebytes Labs

February 22, 2026

0 Comments

This week on the Lock and Code podcast, we speak with Zach Hinkle and MinJi Pae about TikTok's new American ownership—and it's new rules.

Age verification checks

Age verification vendor Persona left frontend exposed, researchers say

Pieter Arntz

February 20, 2026

0 Comments

Behind a basic age check, researchers say Persona’s system runs extensive identity, watchlist, and adverse-media screening.

Facebook ads spread fake Windows 11 downloads that steal passwords and crypto wallets

Stefan Dasic

February 20, 2026

0 Comments

Attackers are weaponizing Facebook ads to distribute password-stealing malware masked as a Windows download.

A hand reaches down to grab one asterisk from a written password.

AI-generated passwords are a security risk

Pieter Arntz

February 19, 2026

0 Comments

AI-generated passwords are "highly predictable" and aren’t truly random, making them easier for cybercriminals to crack.

Intimate products maker Tenga spilled customer data

Pieter Arntz

February 19, 2026

0 Comments

A phishing attack on a Tenga employee may have exposed US customer data. Customers should watch for sextortion-themed phishing attempts.

Meta patents AI that could keep you posting from beyond the grave

Danny Bradbury

February 19, 2026

0 Comments

Hopefully Meta really will file this in the "just because we can do it doesn't mean we should" drawer.

Betterment data breach might be worse than we thought

Pieter Arntz

February 18, 2026

0 Comments

This breach now appears far more serious. The leaked data includes rich personal and financial details that phishers could use.

not every form is what it seems

Job scam uses fake Google Forms site to harvest Google logins

Pieter Arntz

February 18, 2026

0 Comments

Phishers are using fake Google Forms pages hosted on lookalike domains to trick job seekers into handing over their Google credentials.

Previous 1 2 3 4 5 … 606 Next