A fake Microsoft support website is tricking people into downloading what looks like a normal Windows update. Instead, it installs malware designed to steal passwords, payment details, and account access. Because the file looks legitimate and avoids detection, it can slip past both users and security tools.
Malwarebytes Labs researchers spotted the campaign at microsoft-update[.]support, a typosquatted domain dressed up to look like an official Microsoft support page. The site is written entirely in French (but these campaigns tend to spread quickly) and presents a fake cumulative update for Windows version 24H2, complete with a plausible KB article number. A large blue download button invites users to install the update.
Read more…
Source: Malwarebytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Notorious online data leak market BreachForums taken down by whitehat heroes
March 17, 2026
BreachForums, one of the most popular underground forums for sharing malware, stolen data, and more – was taken down. Now, the admin seems to be giving up and looking for someone to pass the torch to. Over the weekend, the Cyber Counter-Intelligence Threat Investigation Consortium (CCITIC) posted on LinkedIn, saying that both the clearnet and Tor ...
- Fortinet patches FortiGate Firewall vulnerabilities that allowed hackers to steal enterprise credentials
March 16, 2026
At the start of the year, cybercriminals were exploiting three vulnerabilities in FortiGate Next-Generation Firewalls (NGFW) to establish persistence and move laterally throughout the network. All recorded attacks were stopped before they could do any meaningful harm, and FortiGate has since issued patches to mitigate the risk. Between December 2025 and February 2026, security researchers SentinelOne ...
- EU sanctions Chinese and Iranian companies for cyber attacks
March 16, 2026
The European Union on Monday imposed sanctions against two China-based and one Iranian company for cyber attacks against EU member states. The EU listed China-based Integrity Technology Group and Anxun Information Technology, and Iranian company Emennet Pasargad. Integrity Technology is seen to have enabled hacks of over65,000 devices across six member states, according to an EUstatement. ...
- UAE: Up to 100 people arrested by police for filming drone or missile strikes
March 14, 2026
Up to 100 people have been arrested by police in the UAE for filming drone or missile strikes, it emerged this morning. Abu Dhabi Police alone have arrested 45 people of multiple nationalities for filming various locations amid current ongoing events and posting clips on social media. In neighbouring Dubai, at least 21 people, including a ...
- Google patches two Chrome zero-days under active attack
March 13, 2026
Update March 16, 2026 Earlier this week, Google incorrectly reported that an actively exploited vulnerability in Chrome had been fixed, and has now announced it will roll out a new update to protect users against the vulnerability tracked as CVE-2026-3909. Original content: Google has released an out-of-band security update for Chrome desktop that patches two high‑severity ...
- Swedish government IT system hacked
March 13, 2026
A large amount of sensitive information allegedly coming from a Swedish government IT system has been posted on the darknet, according to Dagens Nyheter and Expressen. DN writes that the newspaper has taken note of the leak and that it appears to contain the source code for a digital identity management system used by several authorities. ...