ShinyHunters escalates Canvas attacks with school login defacements
Days after confirming a major data breach, Instructure is now facing a second blow. Earlier this week, Instructure confirmed a major data breach affecting its…
Category: MalwareBytes
Microsoft says Edge’s plaintext password behavior is “by design”
Some time ago, we discussed whether you should allow your browser to remember your passwords. In that article we mentioned the importance of encryption. “With…
Massive AI investment scam network spans 15,500 domains
Researchers tracked a large AI‑themed investment scam campaign involving more than 15,000 domains. It uses cloaking and deepfakes to hide from security tools while targeting…
If a fake moustache can fool age checks, is the Online Safety Act working?
A report based on a survey by the UK’s Internet Matters shows that much of the responsibility for managing the online safety of children still…
Millions of students’ personal data stolen in major education breach
Instructure, the company behind the Canvas learning management system (LMS), confirmed a cyber incident and subsequent data breach affecting its cloud‑hosted environment. The ShinyHunters ransomware…
Google Chrome’s silent 4GB AI download problem
Google Chrome has been quietly downloading a 4GB AI model onto users’ devices without asking first. Security researcher Alexander Hanff, aka ThatPrivacyGuy, reports that Chrome…
Attackers adopt JavaScript runtime Bun to spread NWHStealer
In our previous research, we analyzed a Windows infostealer we track as NWHStealer. The attackers behind this stealer are continuously finding new methods to distribute the stealer. During our hunting activities, we…
Update WhatsApp now: Two new flaws could expose you to malicious files
Meta has published a new security advisory for messaging app WhatsApp, announcing patches for two vulnerabilities. WhatsApp has fixed two security flaws that could be…
The 2026 World Cup scam economy is already running before the first whistle
The FIFA World Cup 2026 is scheduled to begin June 11 across the US, Canada, and Mexico. The web is filling with sites impersonating ticket…
Cyberattacks are raising your prices (Lock and Code S07E09)
This week on the Lock and Code podcast… Your prices could be going up because of a little something that one group has started calling…
Thousands of Facebook accounts stolen by phishing emails sent through Google
Researchers have uncovered a long-running phishing operation that abuses trusted Google services to hijack tens of thousands of Facebook accounts. The compromised Facebook accounts are…
A week in security (April 27 – May 3)
Last week on Malwarebytes Labs: 3 easy-to-miss cybersecurity risks for small businesses Actively exploited cPanel bug exposes millions of websites to takeover More PayPal emails…