In 2024, cyber threats targeting SaaS surged, with 7,000 password attacks blocked per second (just in Entra ID)—a 75% increase […]
From $22M in Ransom to +100M Stolen Records: 2025’s All-Star SaaS Threat Actors to Watch Read More »
An Android information stealing malware named FireScam has been found masquerading as a premium version of the Telegram messaging app
FireScam Android Malware Poses as Telegram Premium to Steal Data and Control Devices Read More »
Cybersecurity researchers have revealed several malicious packages on the npm registry that have been found impersonating the Nomic Foundation’s Hardhat
Russian-Speaking Attackers Target Ethereum Devs with Fake Hardhat npm Packages Read More »
During the holiday period on Malwarebytes Labs we covered: A day in the life of a privacy pro, with Ron
Some weeks in security (December 16 – January 5) Read More »
A high-severity security flaw has been disclosed in ProjectDiscovery’s Nuclei, a widely-used open-source vulnerability scanner that, if successfully exploited, could
Researchers Uncover Nuclei Vulnerability Enabling Signature Bypass and Code Execution Read More »
Cybersecurity researchers have flagged a new malware called PLAYFULGHOST that comes with a wide range of information-gathering features like keylogging,
PLAYFULGHOST Delivered via Phishing and SEO Poisoning in Trojanized VPN Apps Read More »
The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) on Friday issued sanctions against a Beijing-based cybersecurity company known
U.S. Treasury Sanctions Beijing Cybersecurity Firm for State-Backed Hacking Campaigns Read More »
The background and the IOCs for this blog were gathered by an Expert helper on our forums and Malwarebytes researchers.
“Can you try a game I made?” Fake game sites lead to information stealers Read More »
The Internet is designed to provide multiple paths between two endpoints. Attempts to exploit multi-path opportunities are almost as old
Multi-Path TCP: revolutionizing connectivity, one path at a time Read More »
