Last week on Malwarebytes Labs:

• Criminals are renting virtual phones to bypass bank security
• Bogus Avast website fakes virus scan, installs Venom Stealer instead
• Infiniti Stealer: a new macOS infostealer using ClickFix and Python/Nuitka
• GlassWorm attack installs fake browser extension for surveillance
• Landmark verdicts put Meta’s “addiction machine” platforms on trial
• Hackers claim to have accessed data tied to millions of crime tipsters
• New FCC router ban could leave home networks less secure
• Meet Khaled Mohamed: the bug hunter who found a Microsoft flaw
• FBI, CISA warn of Russian hackers hijacking Signal and WhatsApp accounts
• Scam compounds hiring “AI models” to seal the deal in deepfake video calls
• FriendlyDealer mimics official app stores to push unvetted gambling apps
• The March Madness scam playbook
• Advanced Flow will make Android sideloading safer
• This is all it takes to stop a train (Lock and Code S07E06)

Stay safe!

We don’t just report on scams—we help detect them

Cybersecurity risks should never spread beyond a headline. If something looks dodgy to you, check if it’s a scam using Malwarebytes Scam Guard. Submit a screenshot, paste suspicious content, or share a link, text or phone number, and we’ll tell you if it’s a scam or legit. Available with Malwarebytes Premium Security for all your devices, and in the Malwarebytes app for iOS and Android.

*** This is a Security Bloggers Network syndicated blog from Malwarebytes authored by Malwarebytes. Read the original post at: https://www.malwarebytes.com/blog/news/2026/03/a-week-in-security-march-23-march-29