Malwarebytes

Phishing Evolves Beyond Email to Become Latest Android App Threat

In 2024, Malwarebytes detected more than 22,800 phishing apps on Android, according to the recent 2025 State of Malware report. Of those malicious apps, 5,200 could subvert multi-factor authentication (MFA).

University Site Cloned to Evade Ad Detection and Distribute Fake Cisco AnyConnect Installer

The attackers are using a clever technique to evade detection by security systems. They have cloned the website of a German university that uses Cisco AnyConnect and are using it as a “white page” to fool ad detection systems.

Microsoft Advertisers Phished via Malicious Google Search Ads

Scammers use malicious ads on Google Search to steal login credentials from users trying to access Microsoft’s advertising platform. The phishing page shows a fake error message prompting users to reset their password and attempts to bypass 2FA.

High-Traffic Sites Attacked in “zqxq” Campaign Through Obfuscated Javascript Injection

The malware used in the campaign hides in legitimate files using scrambled variables and custom functions like HttpClient, rand, and token. These methods evade detection and hinder analysis by researchers.

Fake Game Sites Lead to Information Stealers

The new malware campaign targets users by sending direct messages on platforms like Discord, asking if they want to beta test a new video game. These messages often appear to come from the game’s developer.

‘Fix It’ Social Engineering Scheme Impersonates Several Brands

This campaign combines misleading ads and fake software brand pages, ultimately leading users to a false Cloudflare notification that asks them to run specific key combinations.

Malicious Ads Distribute SocGholish Malware to Kaiser Permanente Employees

The ads pretended to be the company's HR portal for benefits and paystub access. The threat was aimed at stealing employee login details, but instead of phishing, it led victims to a compromised website that asked them to update their browser.

People Facing Printer Problems Scammed via Fake Driver Downloads

Victims clicking malicious Google ads are redirected to fake sites mimicking official printer brands, where scammers lure them into calling for support by offering printer drivers that fail to install.

“Sad announcement” email leads to tech support scam

Tech support scammers are again stooping low with their email campaigns. This one hints that one of your contacts may have met an untimely end. It all starts with an email titled “Sad announcement” followed by a full name of someone you know.

QuickBooks popup scam still being delivered via Google ads

We’ve seen two main lures, both via Google ads: the first one is simply a website promoting online support for QuickBooks and shows a phone number, while the latter requires victims to download and install a program that will generate a popup.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags