• A week in security (February 16 - February 22) Last week on Malwarebytes Labs: Age verification vendor Persona left frontend exposed, researchers say Facebook ads spread fake Windows 11 downloads that steal passwords and crypto wallets AI-generated passwords are a security risk Intimate products maker Tenga spilled customer data Meta patents AI that could keep you posting from beyond the grave Betterment data breach might be worse than we thought Job scam uses fake Google Forms site to harvest Google logins Scammers use fake “Gemini” AI chatbot to sell fake “Google Coin” Chrome “preloading” could be leaking your data and causing problems in Browser Guard Scam Guard for desktop: A second set of eyes for suspicious moments Update Chrome now: Zero-day bug allows code execution via malicious webpages Hobby coder accidentally creates vacuum robot army ClickFix added nslookup commands to its arsenal for downloading RATs Stay safe! • We don’t just report on privacy-we offer you the option to use it. • Privacy risks should never spread beyond a headline. • Keep your online privacy yours by usingMalwarebytes Privacy VPN. • SHARE THIS ARTICLE About the author Malwarebytes Labs LATEST ARTICLES Reddit, porn sites fined by UK regulators over children’s safety and privacy Ofcom and the Information Commissioner’s Office respectively fined a US porn company and Reddit for failing to protect children online. • Roblox gives predators “powerful tools” to target children, says LA County Los Angeles County sued the online gaming platform Roblox for its alleged failure to protect children from danger.

Article Summaries:

  • A week of security alerts highlighted widespread data exposure and malware threats. An age‑verification service, Persona, left its frontend vulnerable, while Facebook ads pushed counterfeit Windows 11 downloads that steal credentials and crypto wallets. AI‑generated passwords emerged as a new risk, and intimate‑product maker Tenga suffered a customer‑data leak. Meta filed a patent for an AI that could post from beyond the grave. Betterment’s breach may be larger than initially reported. Scammers used fake Google Forms and a counterfeit “Gemini” chatbot to harvest logins and sell bogus “Google Coin.” Chrome’s preloading feature and a zero‑day bug risk data leakage and code execution, prompting an urgent update.
  • Last week on Malwarebytes Labs: - Age verification vendor Persona left frontend exposed, researchers say - Facebook ads spread fake Windows 11 downloads that steal passwords and crypto wallets - AI-generated passwords are a security risk - Intimate products maker Tenga spilled customer data - Meta patents AI that could keep you posting from beyond the grave - Betterment data breach might be worse than we thought - Job scam uses fake Google Forms site to harvest Google logins - Scammers use fake “Gemini” AI chatbot to sell fake “Google Coin” - Chrome “preloading” could be leaking your data and

Sources: