Advertising and Risk - Cyber Security Informer

Experts Flag Security, Privacy Risks in DeepSeek AI App

Krebs on Security

FEBRUARY 6, 2025

But experts caution that many of DeepSeek’s design choices — such as using hard-coded encryption keys, and sending unencrypted user and device data to Chinese companies — introduce a number of glaring security and privacy risks. Full disclosure: Wiz is currently an advertiser on this website.]

Risk

Risk Artificial Intelligence Mobile Encryption

The great Google Ads heist: criminals ransack advertiser accounts via fake Google ads

Malwarebytes

JANUARY 15, 2025

Fuel for other malware and scam campaigns Indicators of Compromise Overview Online criminals are targeting individuals and businesses that advertise via Google Ads by phishing them for their credentials ironically via fraudulent Google ads. This earned Google a whopping $175 billion in search-based ad revenues in 2023.

Advertising

Advertising Accountability Phishing Scams

FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang

Krebs on Security

JANUARY 31, 2025

. “The Saim Raza-run websites operated as marketplaces that advertised and facilitated the sale of tools such as phishing kits, scam pages and email extractors often used to build and maintain fraud operations,” the DOJ explained. “Presumably, these buyers also include Dutch nationals.

Phishing

Phishing Cybercrime Advertising Malware

How Cryptocurrency Turns to Cash in Russian Banks

Krebs on Security

DECEMBER 11, 2024

The 122 services targeted in Sanders’ research include some of the more prominent businesses advertising on the cybercrime forums today, such as: -abuse-friendly or “bulletproof” hosting providers like anonvm[.]wtf, wtf, and PQHosting ; -sites selling aged email, financial, or social media accounts, such as verif[.]work

Cryptocurrency

Cryptocurrency Banking Cybercrime Advertising

FBI warns of malicious free online document converters spreading malware

Security Affairs

MARCH 24, 2025

” Fake file converters and download tools may perform advertised tasks but can provide resulting files containing hidden malware, giving criminals access to victims’ devices. They can also steal personal data, banking details, cryptocurrency info, emails, and passwords by scraping the files the users upload.

Malware

Malware Identity Theft Scams Antivirus

DeepSeek users targeted with fake sponsored Google ads that deliver malware

Malwarebytes

MARCH 26, 2025

In this case, they certainly put a lot more effort into creating the fake website which the advertisement linked to: Its different from the real website, but it looks convincing, nonetheless. The advertisers name is not in Chinese characters by the way. The language in which the advertiser’s name is written is Hebrew: .

Artificial Intelligence

Artificial Intelligence Advertising Malware Risk

Fake bank ads on Instagram scam victims out of money

Malwarebytes

JUNE 18, 2025

Doublecheck the advertiser account: BleepingComputer found that the advertiser accounts running the fake ads on Instagram only had pages on Facebook, not on Instagram itself. We don’t just report on threats – we help protect your social media Cybersecurity risks should never spread beyond a headline.

Banking

Banking Scams Advertising Identity Theft

Patch now! New Chrome update for two critical vulnerabilities

Malwarebytes

OCTOBER 30, 2024

That means that a victim’s device could be compromised just by visiting a malicious website or advertisement. We don’t just report on threats—we remove them Cybersecurity risks should never spread beyond a headline. This vulnerability, tracked as CVE-2024-10487 , can be used by cybercriminals as a drive-by download.

Spyware

Spyware Architecture Advertising Engineering

1,000+ web shops infected by “Phish ‘n Ships” criminals who create fake product listings for in-demand products

Malwarebytes

NOVEMBER 1, 2024

SEO poisoning is a technique employed by cybercriminals to manipulate search engine results, making harmful websites or advertisements appear at the top of search results. Did the advertisement you clicked on take you to the expected web shop? So, what can consumers do to stay safe?

Phishing

Phishing Advertising Engineering Risk

Repeat offenders drive bulk of tech support scams via Google Ads

Malwarebytes

DECEMBER 3, 2024

We’ve identified specific advertiser accounts that make up the bulk of fraudulent ads we have reported to Google this past year. For instance, one advertiser had over 30 reported incidents in the past 3 months. It’s unclear why Google has not taken definitive action on the advertiser profiles we have reported.

Scams

Scams Advertising Accountability Engineering

Increased GDPR Enforcement Highlights the Need for Data Security

Security Affairs

NOVEMBER 18, 2024

Amazon: €746 Million ($781 Million), 2021 In 2021, Amazon received a hefty fine for failing to secure proper consent for advertising cookies. For businesses operating internationally, staying ahead of regulatory changes is key to mitigating risk. This includes aligning with evolving frameworks like the EU-U.S.

Data privacy

Data privacy Risk Surveillance Government

Zoom Patches Critical Flaw (CVE-2025-49457): Windows Users Face Privilege Escalation Risk

Penetration Testing

AUGUST 12, 2025

2 / 30 supporters Contribute Now Daily CyberSecurity About SecurityOnline.info Advertise with us Announcement Contact Contributor Register Login About SecurityOnline.info Advertise on SecurityOnline.info Contact When you purchase through links on our site, we may earn an affiliate commission.

Risk

Risk Penetration Testing Advertising DDOS

What’s Different About the Black Hat Conference, and What’s New in 2025?

Lohrman on Security

AUGUST 10, 2025

News Analytics Artificial Intelligence Civic Innovation Cloud & Computing Cybersecurity Lohrmann on Cybersecurity Education Election Technology Emerging Tech Budget & Finance Infrastructure Government Experience GovTech Biz Biz Data Health & Human Services Justice & Public Safety Broadband & Network Policy Smart Cities Transportation (..)

Artificial Intelligence

Artificial Intelligence Education Government Advertising

Cybersecurity Snapshot: Tenable Highlights Risks of AI Use in the Cloud, as UK’s NCSC Offers Tips for Post-Quantum Cryptography Adoption

Security Boulevard

MARCH 21, 2025

Check out key findings and insights from the Tenable Cloud AI Risk Report 2025. 1 - Tenable: Orgs using AI in the cloud face thorny cyber risks Using AI tools in cloud environments? 1 - Tenable: Orgs using AI in the cloud face thorny cyber risks Using AI tools in cloud environments?

Risk

Risk IoT Cybersecurity Manufacturing

DNA testing company vanishes along with its customers’ genetic data

Malwarebytes

NOVEMBER 12, 2024

So, even if a company has good intentions, there is still a risk of your genetic data being linked to your personally identifiable information (PII). This makes the information a treasure trove for advertisers, insurance companies, and Big Pharma. Data breaches happen to the best companies. I honestly hope they’re right.

Insurance

Insurance Accountability Risk Data breaches

Android devices track you before you even sign in

Malwarebytes

MARCH 12, 2025

As the company behind the Android Operating System (OS), the Google Play Store, the most popular search engine in the world, and part of the leading company in digital advertising (Alphabet), Google has obtained a position where it would be hard not to profit from. Ever considered not telling them who I am?

Advertising

Advertising Accountability Marketing Engineering

Irish Data Protection Commission (DPC) fined Meta €251 million for a 2018 data breach

Security Affairs

DECEMBER 18, 2024

The hackers did not affect Facebook-owned Messenger, Messenger Kids, Instagram, WhatsApp, Oculus, Workplace, Pages, payments, third-party apps or advertising or developer accounts, the company said. ” said DPC Deputy Commissioner Graham Doyle.

Data breaches

Data breaches Accountability Risk Advertising

Reflectiz Joins the Datadog Marketplace

Penetration Testing

JULY 9, 2025

The partnership introduces the Reflectiz Security Integration within Datadog’s platform, enabling joint customers to proactively identify and remediate risks across their entire web ecosystem: from first-party applications to complex third-party and supply chain dependencies. Director of Strategic Alliances at Reflectiz. “By

Penetration Testing

Penetration Testing Risk Financial Services Advertising

Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 20, 2024

CISA adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog Nation-state actor exploited three Ivanti CSA zero-days Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’ macOS HM Surf flaw in TCC allows bypass Safari privacy settings Iran-linked actors target critical infrastructure organizations (..)

Data breaches

Data breaches Cybercrime Cyber Insurance Marketing

PayPal’s “no-code checkout” abused by scammers

Malwarebytes

FEBRUARY 27, 2025

Overview Scammers are creating ads impersonating PayPal from various advertiser accounts that may have been hacked. This is not a coincidence of course, and is why search advertising is worth billions of dollars. We dont just report on phone securitywe provide it Cybersecurity risks should never spread beyond a headline.

Scams

Scams Mobile Small Business Advertising

March Madness Meets Cyber Mayhem: How Cybercriminals Are Playing Offense this Season

SecureWorld News

MARCH 20, 2025

Phishing plays straight out of the cybercrime playbook "March Madness brings heightened cybersecurity risks this year, especially with the expansion of sports gambling beyond traditional office pools creating new attack vectors for credential harvesting and financial fraud," warns J.

Scams

Scams Social Engineering Phishing Mobile

Romantic Lawsuit for Two? Don't Let Cybercriminals Scam You this Valentine's Day

SecureWorld News

FEBRUARY 14, 2025

And 2025 will be no different, as increasingly sophisticated online hackers seek to take advantage of Valentine's themed email traffic, social media advertisements, or marketing campaigns, and exploit heightened emotions and a desire to connect. Last year saw a 110% rise in cybercrime in the lead up to Valentine's Day.

Scams

Scams Cybercrime Phishing Social Engineering

IT threat evolution in Q3 2024. Non-mobile statistics

SecureList

NOVEMBER 29, 2024

For example, AdWare.OSX.Angent.ap (9%) adds advertising links as browser bookmarks without the user’s knowledge. Adware and other potentially unwanted applications were as usual the most widespread threats for macOS. Additionally, a variety of malicious applications were among the most active threats.

Mobile

Mobile Adware Ransomware Malware

Threat Spotlight: Inside the World’s Fastest Rising Ransomware Operator — BlackLock

Digital Shadows

FEBRUARY 17, 2025

At first glance, BlackLocks advertisements on ransomware forums may seem similar to other big players, boasting multi-platform support and advanced encryption. Our analysts work closely with customer teams to contain threats and provide tailored risk mitigation strategiesensuring businesses can recover quickly and effectively.

Ransomware

Ransomware Malware Risk Accountability

Semrush impersonation scam hits Google Ads

Malwarebytes

MARCH 20, 2025

This blog post was co-authored with Elie Berreby, Senior SEO Strategist Criminals are highly interested in online marketing and advertising tools that they can leverage as part of their ongoing malware campaigns. Malicious Semrush domains adsense-word[.]com help sem-russhh[.]com com sem-rushhh[.]com com sem-rushh[.]com com semrush[.]click

Scams

Scams Accountability Phishing Advertising

An electrician's plea: Don't plug these 7 appliances (including AC units) into extension cords

Zero Day

JULY 12, 2025

While the fire risk is a bit lower with fridges, an extension cord could still cause the fridge to modulate its power and malfunction. But that requires a lot of heat, and larger models can consume as much as 2,000 watts -- this poses a considerable fire risk when plugged into even a 14-gauge cord. The same applies to power strips. To

Computers and Electronics

Computers and Electronics Artificial Intelligence Digital transformation Password Management

Legal Zero-Days: How Old Laws Became a Novel Loss Generator

SecureWorld News

APRIL 2, 2025

Companies across industries are being sued for using widely available web technologies: session replay tools, analytics platforms, and advertising trackers. The result is a growing gap between where the risk is developing and where coverage reliably responds. There's nothing futuristic about this version of privacy risk.

Consumer Protection

Consumer Protection Spyware Surveillance Insurance

Git Project Patches 3 Flaws: RCE, Arbitrary File Writes & Buffer Overflow

Penetration Testing

JULY 8, 2025

While the attack complexity is higher, this issue still poses a risk on Windows systems where wincred is enabled by default. Due to a lack of bounds-checking in the wcsncat() function, an attacker could trigger memory corruption by overflowing a static buffer used for credential comparison and storage. are affected.

Penetration Testing

Penetration Testing Advertising DNS DDOS

Crooks target DeepSeek users with fake sponsored Google ads to deliver malware

Security Affairs

MARCH 27, 2025

The researchers recommend avoiding clicking on sponsored search results and always verifying the advertiser by checking the details behind the URL to ensure it’s the legitimate brand owner. Crooks can bypass Google controls that prevent fake ads, outbidding legitimate brands and rank higher in sponsored search results.

Malware

Malware Data collection Advertising Media

Europol warns about counterfeit goods and the criminals behind them

Malwarebytes

OCTOBER 28, 2024

The report states: “The rise of social media, influencers and online commerce have changed consumers’ behavior, increasing their appetite for IP infringing goods or content, while having a low awareness of risks.” So, there is another critical role in advertising counterfeit goods, which are influencers. Look for consumer reviews.

Cybercrime

Cybercrime Advertising Media Risk

AI-Driven Fraud and Impersonation: The New Face of Financial Crime

SecureWorld News

JULY 17, 2025

Together, the two series illustrate a clear positive correlation between incident frequency and monetary loss, underscoring the growing risk and economic burden posed by AI‑driven fraud schemes. Similarly, the CEO of advertising giant WPP was targeted via a deepfake voice message on WhatsApp. In 2025, numerous U.S.

Banking

Banking Scams Social Engineering Financial Services

New AI “agents” could hold people for ransom in 2025

Malwarebytes

FEBRUARY 4, 2025

These tools can also answer an endless array of factual questions, much like the separate AI tool Perplexity, which advertises itself not as a search engine, but as the worlds first answer engine. We dont just report on threatswe remove them Cybersecurity risks should never spread beyond a headline. But sometimes the AI pushes back.

Artificial Intelligence

Artificial Intelligence Small Business Malware Technology

Critical RCE in MCP Inspector Exposes AI Devs to Web-Based Exploits (CVE-2025-49596)

Penetration Testing

JUNE 30, 2025

We managed to identify MCP Inspector instances that are exposed to the internet and are in immediate risk of remote code execution. These systems are exposed to full remote command execution—no browser needed. “ Anthropic’s security team responded quickly, and as of version 0.14.1, Support independent cybersecurity journalism.

Penetration Testing

Penetration Testing Authentication Advertising Encryption

Crazy Evil gang runs over 10 highly specialized social media scams

Security Affairs

FEBRUARY 3, 2025

Crazy Evil actively recruits affiliates by advertising its cybercriminal network with specific skill requirements. As it grows in size and complexity, the risk of exit scams and splintering, seen in past groups. Crazy Evil has earned over $5 million through phishing scams since 2021. Victim losses range from $0.10

Scams

Scams Media Cryptocurrency Cybercrime

Ransomware negotiator investigated over criminal gang kickbacks

Malwarebytes

JULY 8, 2025

Since then, companies have openly advertised negotiation services, based on a willingness for cyber insurance companies to reimburse victims as part of their policy coverage. We don’t just report on threats—we remove them Cybersecurity risks should never spread beyond a headline. Perhaps that wouldn’t be a bad thing.

Ransomware

Ransomware Cyber Insurance Government Insurance

86 million AT&T customer records reportedly up for sale on the dark web

Zero Day

JUNE 6, 2025

Collectively, they could easily put affected customers at risk for account takeovers and identity theft. "Now it poses significant risk to their identities. Privacy Policy | | Cookie Settings | Advertise | Terms of Use All rights reserved.

Password Management

Password Management Passwords Identity Theft Software

News alert: Halo Security’s attack surface management platform wins MSP Today’s top award

The Last Watchdog

JUNE 18, 2025

The platform combines attacker-like discovery methods with ongoing security monitoring, vulnerability scanning, and expert-led penetration testing services to help organizations of all sizes identify and remediate security risks before they can be exploited. Each recipient is a verifiable leader in the marketplace.

Penetration Testing

Penetration Testing Technology Media Marketing

Why SMS two-factor authentication codes aren't safe and what to use instead

Zero Day

JUNE 17, 2025

New reports from both Bloomberg and collaborative investigative newsroom Lighthouse Reports shed light on how and why text-based codes can put people at risk. Don't leave your old logins exposed in the cloud - do this next Though the practice of outsourcing such messages may be expedient, it does run risks. All rights reserved.

Authentication

Authentication Password Management Small Business Passwords

1 in 10 people do nothing to stay secure and private on vacation

Malwarebytes

MARCH 17, 2025

The findings reveal that the public approaches cybersecurity as a patchwork quilt, implementing some best practices while forgoing others, and engaging in a few behaviors that carry significant risk online. We dont just report on threatswe remove them Cybersecurity risks should never spread beyond a headline.

Scams

Scams Passwords Backups VPN

Meta plans to train AI on EU user data from May 27 without consent

Security Affairs

MAY 16, 2025

In summary, Meta may face massive legal risks just because it relies on an “opt-out” instead of an “opt-in” system for AI training.” “The European Court of Justice has already held that Meta cannot claim a ‘legitimate interest’ in targeting users with advertising.

Media

Media Hacking Advertising Artificial Intelligence

Cisco Contributes to Cyber Hard Problems Report

Cisco Security

JULY 7, 2025

During his time with Cisco and at Robust Intelligence before that, Hyrum has been on a self-proclaimed crusade to get people to understand the cybersecurity risks from AI/ML. Nguyen also praised Hyrum for his contribution in “one of the fastest-emerging areas of cyber risk. Due to his high-profile work, Hyrum was approached by the U.S.

Cyber Risk

Cyber Risk Media Risk Cybersecurity

AI is getting “creepy good” at geo-guessing

Malwarebytes

APRIL 25, 2025

Infrastructure and Environment: The modern bridge with a blue banner advertisement and the tree-lined waterfront hints at a city that integrates riverways into its urban design. We don’t just report on threats – we help protect your social media Cybersecurity risks should never spread beyond a headline.

Architecture

Architecture Identity Theft Media Artificial Intelligence

QR codes sent in attachments are the new favorite for phishers

Malwarebytes

APRIL 3, 2025

Personal email addresses would see generic advertising, but corporate email addresses would be prompted to log in with their Microsoft account. We dont just report on phone securitywe provide it Cybersecurity risks should never spread beyond a headline.

Phishing

Phishing Banking Mobile Accountability

Urgent WordPress Alert: Motors Theme Flaw (CVE-2025-4322) Actively Exploited for Site Takeover

Penetration Testing

JUNE 20, 2025

Search Our Websites Penetration Testing Tools The Daily Information Technology Daily CyberSecurity About SecurityOnline.info Advertise with us Announcement Contact Contributor Register Login About SecurityOnline.info Advertise on SecurityOnline.info Contact When you purchase through links on our site, we may earn an affiliate commission.

Accountability

Accountability Passwords Penetration Testing Firewall

Experts Flag Security, Privacy Risks in DeepSeek AI App

The great Google Ads heist: criminals ransack advertiser accounts via fake Google ads

Trending Sources

FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang

How Cryptocurrency Turns to Cash in Russian Banks

FBI warns of malicious free online document converters spreading malware

DeepSeek users targeted with fake sponsored Google ads that deliver malware

Fake bank ads on Instagram scam victims out of money

Patch now! New Chrome update for two critical vulnerabilities

1,000+ web shops infected by “Phish ‘n Ships” criminals who create fake product listings for in-demand products

Repeat offenders drive bulk of tech support scams via Google Ads

Increased GDPR Enforcement Highlights the Need for Data Security

Zoom Patches Critical Flaw (CVE-2025-49457): Windows Users Face Privilege Escalation Risk

What’s Different About the Black Hat Conference, and What’s New in 2025?

Cybersecurity Snapshot: Tenable Highlights Risks of AI Use in the Cloud, as UK’s NCSC Offers Tips for Post-Quantum Cryptography Adoption

DNA testing company vanishes along with its customers’ genetic data

Android devices track you before you even sign in

Irish Data Protection Commission (DPC) fined Meta €251 million for a 2018 data breach

Reflectiz Joins the Datadog Marketplace

Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION

PayPal’s “no-code checkout” abused by scammers

March Madness Meets Cyber Mayhem: How Cybercriminals Are Playing Offense this Season

Romantic Lawsuit for Two? Don't Let Cybercriminals Scam You this Valentine's Day

IT threat evolution in Q3 2024. Non-mobile statistics

Threat Spotlight: Inside the World’s Fastest Rising Ransomware Operator — BlackLock

Semrush impersonation scam hits Google Ads

An electrician's plea: Don't plug these 7 appliances (including AC units) into extension cords

Legal Zero-Days: How Old Laws Became a Novel Loss Generator

Git Project Patches 3 Flaws: RCE, Arbitrary File Writes & Buffer Overflow

Crooks target DeepSeek users with fake sponsored Google ads to deliver malware

Europol warns about counterfeit goods and the criminals behind them

AI-Driven Fraud and Impersonation: The New Face of Financial Crime

New AI “agents” could hold people for ransom in 2025

Critical RCE in MCP Inspector Exposes AI Devs to Web-Based Exploits (CVE-2025-49596)

Crazy Evil gang runs over 10 highly specialized social media scams

Ransomware negotiator investigated over criminal gang kickbacks

86 million AT&T customer records reportedly up for sale on the dark web

News alert: Halo Security’s attack surface management platform wins MSP Today’s top award

Why SMS two-factor authentication codes aren't safe and what to use instead

1 in 10 people do nothing to stay secure and private on vacation

Meta plans to train AI on EU user data from May 27 without consent

Cisco Contributes to Cyber Hard Problems Report

AI is getting “creepy good” at geo-guessing

QR codes sent in attachments are the new favorite for phishers

Urgent WordPress Alert: Motors Theme Flaw (CVE-2025-4322) Actively Exploited for Site Takeover

Stay Connected