Malwarebytes Labs – The Security Blog From Malwarebytes | Malwarebytes Labs News Fake extension crashes browsers to trick users into infecting themselves January 20, 2026 – A fake ad blocker crashes your browser, then uses ClickFix tricks to make you run the malware yourself. Family and parenting Google will pay $8.25m to settle child data-tracking allegations News Firefox joins Chrome and Edge as sleeper extensions spy on users Bugs WhisperPair exposes Bluetooth earbuds and headphones to tracking and eavesdropping AI “Reprompt” attack lets attackers steal data from Microsoft Copilot Threat Intelligence Threat Intel Stay up to date with the latest research and threat intelligence reports. READ MORE BUSINESS BLOG Business Discover the tools, insights, and advice you need to protect your organization. EXPLORE PERSONAL BLOG Personal Get the security news and tips to help you and your family stay safe. EXPLORE PODCAST Podcast Our bi-weekly podcast of the latest security headlines and in-depth interviews with guests VIEW EPISODES Fake extension crashes browsers to trick users into infecting themselves Pieter Arntz January 20, 2026 0 Comments A fake ad blocker crashes your browser, then uses ClickFix tricks to make you run the malware yourself. Google will pay $8.25m to settle child data-tracking allegations Danny Bradbury January 20, 2026 0 Comments Google-owned AdMob allegedly collected kids' data for ads without parental consent—including IP addresses, usage data, and exact locations. Firefox joins Chrome and Edge as sleeper extensions spy on users Pieter Arntz January 19, 2026 0 Comments Researchers found more sleeper browser extensions that spy on users and install backdoors, this time targeting Firefox users as well. A week in security (January 12 – January 18) Malwarebytes Labs January 19, 2026 0 Comments Last week on Malwarebytes Labs: Stay safe! WhisperPair exposes Bluetooth earbuds and headphones to tracking and eavesdropping Pieter Arntz January 16, 2026 0 Comments Researchers demonstrated WhisperPair, a set of attacks that can take control of many widely used Bluetooth earbuds and headphones without user interaction. Dutch police sell fake tickets to show how easily scams work Danny Bradbury January 16, 2026 0 Comments A fake ticket website that ended with a digital finger-wag showed just how many people still fall for concert and sports ticket scams. “Reprompt” attack lets attackers steal data from Microsoft Copilot Pieter Arntz January 15, 2026 0 Comments Researchers uncovered a way to steal data from Microsoft Copilot users with a single malicious link. Phishing scammers are posting fake “account restricted” comments on LinkedIn Pieter Arntz January 14, 2026 0 Comments Fake LinkedIn comments warning of account restrictions are designed to trick users into revealing their login details. Online shoppers at risk as Magecart skimming hits major payment networks Pieter Arntz January 14, 2026 0 Comments A Magecart campaign is skimming card data from online checkouts tied to major payment networks, including AmEx, Diners Club, and Mastercard. 1 2 3 … 597 Next Contributors Threat Center Podcast Glossary Scams
