Malwarebytes Labs Weekly Security Roundup: May 4 – May 10
The latest weekly security roundup from Malwarebytes Labs summarizes key incidents and developments from May 4th through May 10th, 2026.
The latest weekly security roundup from Malwarebytes Labs covers a diverse range of incidents and developments from the week of May 4th to May 10th, 2026. Key topics include Microsoft's stance on Edge's plaintext password handling, the escalation of Canvas attacks by ShinyHunters, and a massive AI-focused investment scam network spanning 15,500 domains [Malwarebytes Labs].
The report also highlights several other notable security concerns, such as the silent 4GB AI download issue in Google Chrome, the adoption of the Bun JavaScript runtime by attackers to distribute NWHStealer, and a significant data breach affecting millions of students. Additionally, users are urged to update WhatsApp to address two newly disclosed vulnerabilities that could expose devices to malicious files.
The roundup further touches on broader industry issues, including the potential impact of the Online Safety Act on age verification methods and the economic consequences of cyberattacks on consumer pricing. Readers are encouraged to review the full summary for detailed insights into these and other emerging threats [Malwarebytes Labs].