Malwarebytes Labs – The Security Blog From Malwarebytes | Malwarebytes Labs Data breaches One million customers on alert as extortion group claims massive Brightspeed data haul January 7, 2026 – The Crimson Collective claims to have stolen data on more than a million Brightspeed customers. The broadband provider is investigating. Privacy Disney fined $10m for mislabeling kids’ YouTube videos and violating privacy law News Phishing campaign abuses Google Cloud services to steal Microsoft 365 logins AI Grok apologizes for creating image of young girls in “sexualized attire” AI How AI made scams more convincing in 2025 Threat Intelligence Threat Intel Stay up to date with the latest research and threat intelligence reports. READ MORE BUSINESS BLOG Business Discover the tools, insights, and advice you need to protect your organization. EXPLORE PERSONAL BLOG Personal Get the security news and tips to help you and your family stay safe. EXPLORE PODCAST Podcast Our bi-weekly podcast of the latest security headlines and in-depth interviews with guests VIEW EPISODES One million customers on alert as extortion group claims massive Brightspeed data haul Pieter Arntz January 7, 2026 0 Comments The Crimson Collective claims to have stolen data on more than a million Brightspeed customers. The broadband provider is investigating. Phishing campaign abuses Google Cloud services to steal Microsoft 365 logins Pieter Arntz January 6, 2026 0 Comments Another well-crafted phishing campaign uses Google Cloud Integration Application infrastructure to bypass email filters. Disney fined $10m for mislabeling kids’ YouTube videos and violating privacy law Danny Bradbury January 6, 2026 0 Comments The FTC is seeking a $10 million settlement over allegations that children’s privacy laws were violated through the mislabeling of kid-focused YouTube videos. ALPRs are recording your daily drive (Lock and Code S06E26) Malwarebytes Labs January 5, 2026 0 Comments This week on the Lock and Code podcast, we speak with Will Freeman about Automated License Plate Reader (ALPR) surveillance. Grok apologizes for creating image of young girls in “sexualized attire” Pieter Arntz January 5, 2026 0 Comments Having generated content that may violate US child sexual abuse material laws, Grok highlights once again how ineffective AI guardrails can be. A week in security (December 29 – January 4) Malwarebytes Labs January 5, 2026 0 Comments A list of topics we covered in the week of December 29 2025 to January 4 of 2026 How AI made scams more convincing in 2025 Pieter Arntz January 2, 2026 0 Comments Several AI-related stories in 2025 highlighted how quickly AI systems can move beyond meaningful human control. In 2025, age checks started locking people out of the internet Pieter Arntz December 31, 2025 0 Comments Lawmakers enforced age checks, websites blocked entire countries, and users turned to VPNs to get around them. 2025 exposed the risks we ignored while rushing AI Pieter Arntz December 30, 2025 0 Comments We explore how the rapid rise of Artificial Intelligence (AI) is putting users at risk. 1 2 3 … 595 Next Contributors Threat Center Podcast Glossary Scams
