Malwarebytes Labs – The Security Blog From Malwarebytes | Malwarebytes Labs Bugs May 2026 Patch Tuesday: no zero-days but plenty to fix May 13, 2026 – May’s Patch Tuesday may not be the giant release many expected, but there are still plenty of important fixes that shouldn’t be ignored. News Stolen Canvas data was “returned” after hacker agreement, Instructure says News Fake Claude search results lure Mac users into ClickFix attack Data breaches 1 in 8 employees have sold company logins or know someone who has News Yarbo responds to robot flaws that could mow down their owners PODCAST Podcast Our bi-weekly podcast of the latest security headlines and in-depth interviews with guests VIEW EPISODES AI AI If the robots are taking over, you'll want to know about it. READ MORE Data Breaches Data breaches Keep on top of the latest data breach news. READ MORE Threat Intelligence Threat Intel Stay up to date with the latest research and threat intelligence reports. READ MORE May 2026 Patch Tuesday: no zero-days but plenty to fix Pieter Arntz May 13, 2026 0 Comments May’s Patch Tuesday may not be the giant release many expected, but there are still plenty of important fixes that shouldn’t be ignored. Fake Claude search results lure Mac users into ClickFix attack Pieter Arntz May 12, 2026 0 Comments Researchers found a ClickFix campaign that uses fake Claude setup guides to trick Mac users into infecting themselves. 1 in 8 employees have sold company logins or know someone who has Danny Bradbury May 12, 2026 0 Comments Cifas just published research that should bother anyone who runs a business, or buys from one. Stolen Canvas data was “returned” after hacker agreement, Instructure says Pieter Arntz May 12, 2026 0 Comments Instructure says the stolen Canvas data impacting millions of students and staff was “returned.” That’s not how breaches work. Yarbo responds to robot flaws that could mow down their owners Pieter Arntz May 11, 2026 0 Comments A researcher found a host of vulnerabilities in Yarbo garden robots that could expose Wi-Fi passwords, hijack cameras, and run over their owners on command. A week in security (May 4 – May 10) Malwarebytes Labs May 11, 2026 0 Comments A list of topics we covered in the week of May 4 to May 10 of 2026 Microsoft says Edge’s plaintext password behavior is “by design” Pieter Arntz May 8, 2026 0 Comments A researcher found Edge loads saved passwords into computer memory when it starts, making them easier to steal if a device is already compromised. ShinyHunters escalates Canvas attacks with school login defacements Pieter Arntz May 8, 2026 0 Comments Days after the first attack, ShinyHunters is applying pressure with ransom messages on school login portals. Massive AI investment scam network spans 15,500 domains Pieter Arntz May 7, 2026 0 Comments AI investment scammers abused the Keitaro ad-tracking platform to cloak their campaign, exposing it only to likely targets. 1 2 3 … 621 Next Contributors Threat Center Podcast Glossary Scams
