Security
Headlines
HeadlinesLatestCVEs

Tag

#git

New Android malware lets criminals control your phone and drain your bank account

Albiriox now targets over 400 financial apps and lets criminals operate your phone almost exactly as if it were in their hands.

Malwarebytes
Open in Source
#ios#android#google#microsoft#git#auth
What a Secure Setup Really Looks Like for Storing Digital Assets

How you choose to store your assets is one of the most important decisions you’ll make when you…

Malwarebytes joins Global Anti-Scam Alliance (GASA) as supporting member 

Scams are sneakier, more direct, and harder to spot than ever, so we're proud to work with GASA to help keep people safer online.

Evil Twin Wi‑Fi Hacker Jailed for Stealing Data Mid‑Flight

An Australian man who used fake “evil‑twin” Wi‑Fi networks at airports and on flights to steal travellers’ data has been jailed for 7 years and 4 months.

⚡ Weekly Recap: Hot CVEs, npm Worm Returns, Firefox RCE, M365 Email Raid & More

Hackers aren’t kicking down the door anymore. They just use the same tools we use every day — code packages, cloud accounts, email, chat, phones, and “trusted” partners — and turn them against us. One bad download can leak your keys. One weak vendor can expose many customers at once. One guest invite, one link on a phone, one bug in a common tool, and suddenly your mail, chats, repos, and

Webinar: The "Agentic" Trojan Horse: Why the New AI Browsers War is a Nightmare for Security Teams

The AI browser wars are coming to a desktop near you, and you need to start worrying about their security challenges. For the last two decades, whether you used Chrome, Edge, or Firefox, the fundamental paradigm remained the same: a passive window through which a human user viewed and interacted with the internet. That era is over. We are currently witnessing a shift that renders the old

New Albiriox MaaS Malware Targets 400+ Apps for On-Device Fraud and Screen Control

A new Android malware named Albiriox has been advertised under a malware-as-a-service (MaaS) model to offer a "full spectrum" of features to facilitate on-device fraud (ODF), screen manipulation, and real-time interaction with infected devices. The malware embeds a hard-coded list comprising over 400 applications spanning banking, financial technology, payment processors, cryptocurrency

Tomiris Shifts to Public-Service Implants for Stealthier C2 in Attacks on Government Targets

The threat actor known as Tomiris has been attributed to attacks targeting foreign ministries, intergovernmental organizations, and government entities in Russia with an aim to establish remote access and deploy additional tools. "These attacks highlight a notable shift in Tomiris's tactics, namely the increased use of implants that leverage public services (e.g., Telegram and Discord) as

Confidential computing on AWS Nitro Enclave with Red Hat Enterprise Linux

Confidential computing is needed to protect sensitive data not only when it is stored or transmitted, but also while it is actively being processed in memory - traditionally the most vulnerable phase. In this article, I demonstrate how to implement a secure runtime environment using AWS Nitro Enclaves for applications on EC2 instances running Red Hat Enterprise Linux 9.6+ (RHEL).To fully understand the concepts, use cases, and justifications for confidential computing, read our previous articles. The hardware used to provide secure communication and certification is based on AWS Nitro architec

Over 2,000 Fake Shopping Sites Spotted Before Cyber Monday

CloudSEK found over 2,000 fake sites impersonating Amazon and top brands before Cyber Monday and Black Friday. Learn the key fraud signs now to stay safe.