We research. You level up.
Protect your devices, your data, and your privacy—at home or on the go.
"Thanks to the Malwarebytes MSP program, we have this high-quality product in our stack. It’s a great addition, and I have confidence that customers’ systems are protected."
Featured Event: RSA 2021
Activate Malwarebytes Privacy on Windows device.
Level Up to Cloud-Based Business Protection. Save 25% Today >
Exploits and vulnerabilities
Update now! Chrome patches critical RCE vulnerability in Safe Browsing
January 20, 2022 - Google has issued an update for Chrome which includes 26 security fixes, with one rated as "critical".
Read more
Browsers on iOS, iPadOS and Mac leak your browsing activity and personal identifiers
January 19, 2022 - Safari 15 on macOS and all browsers on iOS and iPadOS can leak browsing information and personal information through flaw in the way the browsers use the IndexedDB API.
[updated] You can update now: Microsoft patches 97 bugs including 6 zero-days and a wormable one
January 12, 2022 - The first Patch Tuesday of the year 2022 is here. Make sure you're up to date!
After Log4j, December’s Patch Tuesday has snuck up on us
December 16, 2021 - While everyone has one eye on Log4j, there are other vulnerabilities that need patching since Patch Tuesday has come along as well.
What SMBs can do to protect against Log4Shell attacks
December 15, 2021 - Log4Shell is a severe software flaw affecting millions of applications, including those in your business. Secure this vulnerability now!
[Update: CISA issues Log4j vulnerabilities scanner] Log4j zero-day “Log4Shell” arrives just in time to ruin your weekend
December 10, 2021 - A zero-day vulnerability with a CVSS score of 10.0 has been discovered in Apache's hugely popular Log4j utility.
Vulnerability in Windows 10 URI handler leads to remote code execution
December 8, 2021 - Researchers found a vulnerability in the Windows 10 and 11 ms-officecmd URI handler. When it will be patched is unknown.
CronRAT targets Linux servers with e-commerce attacks
November 29, 2021 - We look at a stealthy RAT attack focusing on e-commerce Linux servers called CronRAT which does some inventive things with dates.
Windows Installer vulnerability becomes actively exploited zero-day
November 24, 2021 - A variant of an already patched vulnerability was disclosed by a researcher frustrated by Microsoft's rewards.
Contributors
Threat Center
Podcast
Glossary
Scams
Write for Labs
Select your language
Cybersecurity basics
Your intro to everything relating to cyberthreats, and how to stop them.
![[updated] You can update now: Microsoft patches 97 bugs including 6 zero-days and a wormable one - The first Patch Tuesday of the year 2022 is here. Make sure you're up to date!](https://blog.malwarebytes.com/wp-content/uploads/2021/02/patchwork-604x270.png)
![[Update: CISA issues Log4j vulnerabilities scanner] Log4j zero-day “Log4Shell” arrives just in time to ruin your weekend - A zero-day vulnerability with a CVSS score of 10.0 has been discovered in Apache's hugely popular Log4j utility.](https://blog.malwarebytes.com/wp-content/uploads/2021/12/Empty_Shells-604x270.png)
