Security
Headlines
HeadlinesLatestCVEs

Tag

#ios

How credentials get stolen in seconds, even with a script-kiddie-level phish

Even a sloppy, low-skill phish can wreck your day. We go under the hood of this basic credential-harvesting campaign.

Malwarebytes
Open in Source
#web#ios#android#git#java#pdf#auth
Stolen iPhones are locked tight, until scammers phish your Apple ID credentials

Stolen iPhones are hard to hack, so thieves are phishing the owners instead. How fake ‘Find My’ messages trick victims into sharing their Apple ID login.

Fantasy Hub is spyware for rent—complete with fake app kits and support

Fantasy Hub RAT-for-rent hides in fake Android apps, stealing logins, PINs, and messages—all with a single SMS permission.

⚡ Weekly Recap: Hyper-V Malware, Malicious AI Bots, RDP Exploits, WhatsApp Lockdown and More

Cyber threats didn’t slow down last week—and attackers are getting smarter. We’re seeing malware hidden in virtual machines, side-channel leaks exposing AI chats, and spyware quietly targeting Android devices in the wild. But that’s just the surface. From sleeper logic bombs to a fresh alliance between major threat groups, this week’s roundup highlights a clear shift: cybercrime is evolving fast

Watch out for Walmart gift card scams

The only thing you’re winning here is a spot on marketing lists you never asked to join.

Microsoft Uncovers 'Whisper Leak' Attack That Identifies AI Chat Topics in Encrypted Traffic

Microsoft has disclosed details of a novel side-channel attack targeting remote language models that could enable a passive adversary with capabilities to observe network traffic to glean details about model conversation topics despite encryption protections under certain circumstances. This leakage of data exchanged between humans and streaming-mode language models could pose serious risks to

Malwarebytes scores 100% in AV-Comparatives Stalkerware Test 2025

AV-Comparatives put 13 top Android security apps to the test against stalkerware. Malwarebytes caught them all.

Samsung Zero-Click Flaw Exploited to Deploy LANDFALL Android Spyware via WhatsApp

A now-patched security flaw in Samsung Galaxy Android devices was exploited as a zero-day to deliver a "commercial-grade" Android spyware dubbed LANDFALL in targeted attacks in the Middle East. The activity involved the exploitation of CVE-2025-21042 (CVSS score: 8.8), an out-of-bounds write flaw in the "libimagecodec.quram.so" component that could allow remote attackers to execute arbitrary

GHSA-cm35-v4vp-5xvx: Open WebUI Affected by an External Model Server (Direct Connections) Code Injection via SSE Events

### Summary Open WebUI v0.6.33 and below contains a code injection vulnerability in the Direct Connections feature that allows malicious external model servers to execute arbitrary JavaScript in victim browsers via Server-Sent Event (SSE) `execute` events. This leads to authentication token theft, complete account takeover, and when chained with the Functions API, enables remote code execution on the backend server. The attack requires the victim to enable Direct Connections (disabled by default) and add the attacker's malicious model URL, achievable through social engineering of the admin and subsequent users. ### Details ROOT CAUSE ANALYSIS: Open WebUI's Direct Connections feature allows users to add external OpenAI-compatible model servers without proper validation of the Server-Sent Events (SSE) these servers emit. VULNERABLE COMPONENT: Frontend SSE Event Handler The frontend JavaScript code processes SSE events from external servers and specifically handles an `execute` eve...

Fake 0-Day Exploit Emails Trick Crypto Users Into Running Malicious Code

Bolster AI reveals a new scam using a simple JS code via Emkei's Mailer to fake 37% profits and steal crypto. Act fast to secure your wallet.