Malwarebytes Labs – The Security Blog From Malwarebytes | Malwarebytes Labs News Stolen Canvas data was “returned” after hacker agreement, Instructure says May 12, 2026 – Instructure says the stolen Canvas data impacting millions of students and staff was “returned.” That’s not how breaches work. Data breaches 1 in 8 employees have sold company logins or know someone who has News Yarbo responds to robot flaws that could mow down their owners News Microsoft says Edge’s plaintext password behavior is “by design” Data breaches Millions of students’ personal data stolen in major education breach PODCAST Podcast Our bi-weekly podcast of the latest security headlines and in-depth interviews with guests VIEW EPISODES AI AI If the robots are taking over, you'll want to know about it. READ MORE Data Breaches Data breaches Keep on top of the latest data breach news. READ MORE Threat Intelligence Threat Intel Stay up to date with the latest research and threat intelligence reports. READ MORE 1 in 8 employees have sold company logins or know someone who has Danny Bradbury May 12, 2026 0 Comments Cifas just published research that should bother anyone who runs a business, or buys from one. Stolen Canvas data was “returned” after hacker agreement, Instructure says Pieter Arntz May 12, 2026 0 Comments Instructure says the stolen Canvas data impacting millions of students and staff was “returned.” That’s not how breaches work. Yarbo responds to robot flaws that could mow down their owners Pieter Arntz May 11, 2026 0 Comments A researcher found a host of vulnerabilities in Yarbo garden robots that could expose Wi-Fi passwords, hijack cameras, and run over their owners on command. A week in security (May 4 – May 10) Malwarebytes Labs May 11, 2026 0 Comments A list of topics we covered in the week of May 4 to May 10 of 2026 Microsoft says Edge’s plaintext password behavior is “by design” Pieter Arntz May 8, 2026 0 Comments A researcher found Edge loads saved passwords into computer memory when it starts, making them easier to steal if a device is already compromised. ShinyHunters escalates Canvas attacks with school login defacements Pieter Arntz May 8, 2026 0 Comments Days after the first attack, ShinyHunters is applying pressure with ransom messages on school login portals. Massive AI investment scam network spans 15,500 domains Pieter Arntz May 7, 2026 0 Comments AI investment scammers abused the Keitaro ad-tracking platform to cloak their campaign, exposing it only to likely targets. If a fake moustache can fool age checks, is the Online Safety Act working? Pieter Arntz May 7, 2026 0 Comments A UK report finds some progress since the Act came into force, but widespread workarounds, ongoing harm, and unresolved privacy concerns suggest the impact is still limited. Google Chrome’s silent 4GB AI download problem Pieter Arntz May 6, 2026 0 Comments Google Chrome writes a 4GB AI model to users’ devices without asking, and reinstalls it if you delete it. 1 2 3 … 621 Next Contributors Threat Center Podcast Glossary Scams
