MOBILE

week in security

A week in security (April 6 – April 12)

April 13, 2026

A list of topics we covered in the week of April 6 to April 12 of 2026

Fake site downloads a trojanized version of Claude

Fake Claude site installs malware that gives attackers access to your computer

April 10, 2026

We found a convincing fake site that installs a trojanized Claude app while quietly deploying PlugX malware.

Breaking script

ClickFix finds a new way to infect Macs

April 10, 2026

ClickFix campaigns have found a way around macOS Tahoe's warnings against pasting commands in the Terminal. They're using Script Editor instead.

Amazon pick-up location

Scammers pose as Amazon support to steal your account

April 9, 2026

A new wave of Amazon refund scams is spreading, hitting both email inboxes and text messages.

MyLovely.ai app logo

NSFW app leak exposes 70,000 prompts linked to individual users

April 9, 2026

MyLovelyAI leaked personal data, explicit prompts, and images of over 100,000 users, exposing many to sextortion and doxxing.

Facebook login screen

30,000 private Facebook images allegedly downloaded by Meta employee

April 9, 2026

The accused didn't just browse around; he built a custom script designed to circumvent Meta's internal detection systems.

Microsoft fake update

This fake Windows support website delivers password-stealing malware

April 9, 2026

A convincing Microsoft lookalike tricks users into downloading malware that steals passwords, payments, and account access.

Malwarebytes

Your extensions leak clues about you, so we made sure Browser Guard doesn’t

April 8, 2026

Your browser extensions can be used to build a profile of you for advertisers and scammers. We're making sure our Browser Guard extension stays private.

front panel of a router

Russian hacking group targets home and small office routers to spy on users

April 8, 2026

The FBI, NCSC, and Microsoft warn of an ongoing Russian campaign hijacking DNS settings on home and small office routers to spy on users.