Malwarebytes Labs – The Security Blog From Malwarebytes | Malwarebytes Labs News Get paid to scroll TikTok? The data trade behind Freecash ads January 26, 2026 – Ads promised up to $35 an hour to watch videos. Instead, users were funneled into mobile games designed to drive spending and collect data. News Spammers abuse Zendesk to flood inboxes with legitimate-looking emails, but why? Data breaches Under Armour ransomware breach: data of 72 million customers appears on the dark web News Fake LastPass maintenance emails target users AI Malicious Google Calendar invites could expose private data Threat Intelligence Threat Intel Stay up to date with the latest research and threat intelligence reports. READ MORE BUSINESS BLOG Business Discover the tools, insights, and advice you need to protect your organization. EXPLORE PERSONAL BLOG Personal Get the security news and tips to help you and your family stay safe. EXPLORE PODCAST Podcast Our bi-weekly podcast of the latest security headlines and in-depth interviews with guests VIEW EPISODES Get paid to scroll TikTok? The data trade behind Freecash ads Pieter Arntz January 26, 2026 0 Comments Ads promised up to $35 an hour to watch videos. Instead, users were funneled into mobile games designed to drive spending and collect data. One privacy change I made for 2026 (Lock and Code S07E02) Malwarebytes Labs January 26, 2026 0 Comments This week on the Lock and Code podcast, host David Ruiz explains why he's leaving behind Google Search… and what he's replacing it with. A week in security (January 19 – January 25) Malwarebytes Labs January 26, 2026 0 Comments A list of topics we covered in the week of January 19 to January 25 of 2026 Spammers abuse Zendesk to flood inboxes with legitimate-looking emails, but why? Pieter Arntz January 23, 2026 0 Comments Spammers are abusing Zendesk to flood inboxes with emails from trusted brands. There’s no phishing or malware—just noise. Fake LastPass maintenance emails target users Pieter Arntz January 22, 2026 0 Comments LastPass is warning users about phishing emails that pressure users to back up their vaults within 24 hours. Under Armour ransomware breach: data of 72 million customers appears on the dark web Pieter Arntz January 22, 2026 0 Comments Customer data allegedly stolen during a ransomware attack on sportswear giant Under Armour is now circulating on the dark web. Can you use too many LOLBins to drop some RATs? Pieter Arntz January 21, 2026 0 Comments An attempt to drop two RATs on a system used an uncanny assortment of legitimate Windows tools. Malicious Google Calendar invites could expose private data Pieter Arntz January 21, 2026 0 Comments Researchers showed how prompt injection hidden in a calendar invite can bypass privacy controls and turn an AI assistant into a data-leaking accomplice. Fake extension crashes browsers to trick users into infecting themselves Pieter Arntz January 20, 2026 0 Comments A fake ad blocker crashes your browser, then uses ClickFix tricks to make you run the malware yourself. 1 2 3 … 598 Next Contributors Threat Center Podcast Glossary Scams
