Huntress outlines 2025 AI attack speed with automated scripts, but adversaries use familiar tradecraft. Detection and hygiene remain decisive.

Grok’s failure to block sexualized images of minors has turned a single “isolated lapse” into a global regulatory stress test for xAI’s ambitions. The response from lawmakers and regulators suggests this will not be solved with a quick apology and a hotfix.

Last week we reported on Grok’s apology after it generated an image of young girls in “sexualized attire.”

The apology followed the introduction of Grok’s paid “Spicy Mode” in August 2025, which was marketed as edgy and less censored. In practice it enabled users to generate sexual deepfake images, including content that may cross into illegal child sexual abuse material (CSAM) under US and other jurisdictions’ laws.

A report from web-monitoring tool CopyLeaks highlighted “thousands” of incidents of Grok being used to create sexually suggestive images of non-consenting celebrities.

This is starting to backfire. Reportedly, three US senators are asking Google and Apple to remove Elon Musk’s Grok and X apps from their app stores, citing the spread of nonconsensual sexualized AI images of women and minors and arguing it violates the companies’ app store rules.

In their joint letter, the senators state:

“In recent days, X users have used the app’s Grok AI tool to generate nonconsensual sexual imagery of real, private citizens at scale. This trend has included Grok modifying images to depict women being sexually abused, humiliated, hurt, and even killed. In some cases, Grok has reportedly created sexualized images of children—the most heinous type of content imaginable.”

The UK government also threatens to take possible action against the platform. Government officials have said they would fully support any action taken by Ofcom, the independent media regulator, against X. Even if that meant UK regulators could block the platform.

Indonesia and Malaysia already blocked Grok after its “digital undressing” function flooded the internet with suggestive and obscene manipulated images of women and minors.

As it turns out, a user prompted Grok to generate its own “apology,” which it did. After backlash over sexualized images of women and minors, Grok/X announced limits on image generation and editing for paying subscribers only, effectively paywalling those capabilities on main X surfaces.

For lawmakers already worried about disinformation, election interference, deepfakes, and abuse imagery, Grok is fast becoming the textbook case for why “move fast and break things” doesn’t mix with AI that can sexualize real people on demand.

Hopefully, the next wave of rules, ranging from EU AI enforcement to platform-specific safety obligations, will treat this incident as the baseline risk that all large-scale visual models must withstand, not as an outlier.

Keep your children safe

If you ever wondered why parents post images of their children with a smiley across their face, this is the reason.

Don’t make it easy for strangers to copy, reuse, or manipulate your photos.

This incident is yet another compelling reason to reduce your digital footprint. Think carefully before posting photos of yourself, your children, or other sensitive information on public social media accounts.

And treat everything you see online—images, voices, text—as potentially AI-generated unless they can be independently verified. They’re not only used to sway opinions, but also to solicit money, extract personal information, or create abusive material.

---

We don’t just report on threats – we help protect your social media

Cybersecurity risks should never spread beyond a headline. Protect your social media accounts by using Malwarebytes Identity Theft Protection.

What 2026 will demand from CISOs: resilience over prevention, governed AI, hardened identity, and business continuity in an AI-driven threat landscape

Independent recognition matters in cybersecurity, and it matters a lot to us. It shows how security products perform when they’re tested against in-the-wild threats, using lab environments designed to reflect what people actually face in the real world.

In 2025, Malwarebytes earned awards and recognition from a steady stream of third-party testing labs and industry groups. Here’s what those tests looked like and what they found.  

AVLab Cybersecurity Foundation: Real-world malware, real results  

Malwarebytes earned another Advanced In-The-Wild badge from AVLab Cybersecurity Foundation in 2025, continuing a run of accolades.

In November, AVLab Cybersecurity Foundation tested 244 real-world malware samples across 14 cybersecurity products. Malwarebytes Premium Security detected every single one. On top of that, it removed threats with an average remediation time of 2.18 seconds—nearly 12 seconds faster than the industry average.  

That result also marked our third Excellent badge in 2025, following earlier tests in July and September.

Earlier in the year, Malwarebytes Premium Security was also named Product of the Year for the third consecutive year, after it blocked 100% of in-the-wild malware samples. 

MRG Effitas: Consistent Android protection, proven over time

For the seventh consecutive time, Malwarebytes earned MRG Effitas’ Android 360° Certificate in November, one of the toughest independent tests in mobile security, underscoring the strength and reliability of Malwarebytes Mobile Security. 

MRG Effitas conducted in-depth testing of Android antivirus apps using real-world scenarios, combining in-the-wild malware with benign samples to assess detection gaps and weaknesses. 

Our mobile protection received the highest marks, achieving a near-perfect detection rate in MRG Effitas’ rigorous lab testing, reaffirming what our customers already know: Malwarebytes stops threats before they can cause harm. 

PCMag Readers’ Choice Awards: Multiple category wins 

Not all validation comes from labs. In PCMag’s 2025 Readers’ Choice Awards, Malwarebytes topped three award categories based on reader feedback: Best PC Security Suite, Best Android Antivirus, and Best iOS/iPadOS Antivirus.

A Digital Trends 2025 Recommended Product

Malwarebytes for Windows earned a Digital Trends 2025 Recommended Product designation, with reviewers highlighting its ease of use, fast and effective customer support, and strong value for money. 

CNET: Best Malware Removal Service 2025 

CNET named Malwarebytes the Best Malware Removal Service 2025 after testing setup, features, design, and performance. The review highlighted standout capabilities, including top-tier malware removal and comprehensive Browser Guard web protection. 

AV Comparatives Stalkerware Test: 100% detection rate

In collaboration with the Electronic Frontier Foundation (EFF), AV-Comparatives tested 13 Android security solutions against 17 stalkerware-type apps—software often used for covert surveillance and abuse.

Only a few products handled detection and alerting responsibly. Malwarebytes was the only solution to achieve a 100% detection rate in the September 2025 test.

What we learned from a year of testing

All these results highlight our mission to reimagine security and protect people and data across all devices and platforms. 

Recent innovations like Malwarebytes Scam Guard for Mobile and Windows Tools for PC set new standards for privacy and affordable protection, enhanced by AI-powered features like Trusted Advisor, your built-in personal digital health hub available on all platforms.

We’re grateful to the independent organizations that continue to test our products and to the users who trust Malwarebytes every day.

---

We don’t just report on threats—we help safeguard your entire digital identity

Cybersecurity risks should never spread beyond a headline. Protect your, and your family’s, personal information by using identity protection.

For the latest discoveries in cyber research for the week of 12th January, please download our Threat Intelligence Bulletin.

TOP ATTACKS AND BREACHES

• Manage My Health, New Zealand’s largest patient portal, has acknowledged a cyberattack occurred on December 2025, that potentially exposed data of nearly 110K users. An alleged attacker, dubbed Kazu, claimed responsibility and demanded a $60,000 ransom.
• France’s Office for Immigration and Integration has confirmed data theft via a third-party operator after a hacker posted samples online. The exposed records include names, contact details, entry dates, and reasons for stay for foreign residents.
• Ledger, a global crypto hardware wallet maker, has disclosed a breach at e-commerce partner Global-e exposing customer contact and order details. Attackers launched phishing lures impersonating both firms to harvest wallet data. Ledger said wallets and seed phrases were unaffected, but targeted scams increased.
• Giant US fiber broadband provider, Brightspeed, was claimed as breached by the Crimson Collective extortion gang. The intrusion allegedly exposed sensitive information belonging to over 1 million customers; however the company has not yet confirmed the incident.
• American Dartmouth College, has disclosed that an August attack exploiting Oracle E-Business Suite exposed personal information of over 40,000 people. Leaked data includes Social Security numbers and bank account information. Reports attribute the intrusion to Clop ransomware group.

Check Point IPS, Threat Emulation and Harmony Endpoint provide protection against this threat (Oracle Multiple Products Remote Code Execution (CVE-2025-61882, CVE-2025-61884); Ransomware.Win.Clop; Ransomware.Wins.Clop; Ransomware.Wins.Clop.ta.*)

• JBS Mental Health Authority, a regional US nonprofit, has experienced a ransomware attack in late December. The organization was listed by the Medusa ransomware group, which claims it stole 168.6GB of data, including sensitive client records and internal operational information.

Check Point Threat Emulation provides protection against this threat (Ransomware.Wins.Medusa)

• Prosura, an Australia and New Zealand car rental insurance provider, has reported a data breach that resulted from an unauthorized access to parts of its systems. The attacker allegedly exposed driver licenses and policy documents. Prosura paused online self-service and said payment card data is not stored in its systems.
• Free Speech Union, a UK membership organization, has experienced a data breach after activist group Bash Back compromised its website and posted transaction details online. Records for thousands of donations were leaked, including amounts and comments. The organization took its site offline as a precaution.

VULNERABILITIES AND PATCHES

• SmarterTools fixed CVE-2025-52691, a critical pre-auth remote code execution flaw with a CVSS score of 10.0. Successful exploitation allows an attacker to upload files and write to web-accessible paths, potentially resulting in full server compromise.

Check Point IPS provides protection against this threat (SmarterMail Arbitrary File Upload (CVE-2025-52691))

• A patch was released for CVE-2025-64496 vulnerability in Open WebUI, a self-hosted interface for AI models, enabling code injection via the Direct Connection feature and potential remote code execution. Versions through 0.6.34 are affected.
• Cisco has addressed CVE-2026-20029, a medium-severity flaw in Identity Services Engine and ISE-PIC, which allows administrators to access sensitive files via improper XML parsing. Exploitation of the flaw requires valid admin credentials.

THREAT INTELLIGENCE REPORTS

• Check Point Research observed GoBruteforcer, a modular Go botnet brute-forcing Linux servers running phpMyAdmin, MySQL, PostgreSQL and FTP. Campaigns exploit AI-generated server deployments that propagate common usernames and weak defaults. The botnet converts hosts into scanners and credential harvesters, with crypto-focused runs stealing funds and expanding access through backdoors and IRC-based control.

Check Point Threat Emulation and Harmony Endpoint provide protection against this threat

• Check Point researchers identified the OPCOPRO “Truman Show” investment scam, which industrializes social engineering via WhatsApp and Telegram. Apps from official stores serve as interfaces to attacker servers, fabricating balances and trades, harvesting KYC documents, and driving identity theft and deposits.

Check Point Harmony Endpoint provides protection against this threat

• Researchers analyzed LockBit 5.0 ransomware, detailing ChaCha20-Poly1305 file encryption, X25519 with BLAKE2b key exchange, termination of VSS and backup services, and Temp directory cleanup. LockBit 5.0 uses custom random extensions per execution, excludes system files, supports Stealbit exfiltration, and drops a ransom note threatening data leakage.

Check Point Threat Emulation and Harmony Endpoint provide protection against this threat (Ransomware.Wins.Lockbit; Ransomware.Wins.Lockbit.ta.*; Ransomware.Win.LockBit; Gen.Win.Crypter.Lockbit)

• Researchers uncovered PHALT#BLYX, an ongoing campaign that targets European hospitality via Booking.com-themed phishing and ClickFix-style fake BSOD/captcha lures that prompt PowerShell execution. The chain aims for credential theft and privilege elevation.

Check Point Threat Emulation and Harmony Endpoint provide protection against this threat (RAT.Wins.Dcrat; RAT.Win.DCRat; InfoStealer.Wins.DcRat)

The post 12th January – Threat Intelligence Report appeared first on Check Point Research.

Last week on Malwarebytes Labs:

• pcTattletale founder pleads guilty as US cracks down on stalkerware
• Are we ready for ChatGPT Health?
• CISA warns of active attacks on HPE OneView and legacy PowerPoint
• Lego’s Smart Bricks explained: what they do, and what they don’t
• Fake WinRAR downloads hide malware behind a real installer
• One million customers on alert as extortion group claims massive Brightspeed data haul
• Phishing campaign abuses Google Cloud services to steal Microsoft 365 logins
• Disney fined $10m for mislabeling kids’ YouTube videos and violating privacy law
• ALPRs are recording your daily drive (Lock and Code S06E26)
• Grok apologizes for creating image of young girls in “sexualized attire”

Stay safe!

---

We don’t just report on privacy—we offer you the option to use it.

Privacy risks should never spread beyond a headline. Keep your online privacy yours by using Malwarebytes Privacy VPN.

This week on the Lock and Code podcast…

There’s a bizarre thing happening online right now where everything is getting worse.

Your Google results have become so bad that you’ve likely typed what you’re looking for, plus the word “Reddit,” so you can find discussion from actual humans. If you didn’t take this route, you might get served AI results from Google Gemini, which once recommended that every person should eat “at least one small rock per day.” Your Amazon results are a slog, filled with products that have surreptitiously paid reviews. Your Facebook feed could be entirely irrelevant because the company decided years ago that you didn’t want to see what your friends posted, you wanted to see what brands posted, because brands pay Facebook, and you don’t, so brands are more important than your friends.

But, according to digital rights activist and award-winning author Cory Doctorow, this wave of online deterioration isn’t an accident—it’s a business strategy, and it can be summed up in a word he coined a couple of years ago: Enshittification.

Enshittification is the process by which an online platform—like Facebook, Google, or Amazon—harms its own services and products for short-term gain while managing to avoid any meaningful consequences, like the loss of customers or the impact of meaningful government regulation. It begins with an online platform treating new users with care, offering services, products, or connectivity that they may not find elsewhere. Then, the platform invites businesses on board that want to sell things to those users. This means businesses become the priority and the everyday user experience is hindered. But then, in the final stage, the platform also makes things worse for its business customers, making things better only for itself.

This is how a company like Amazon went from helping you find nearly anything you wanted to buy online to helping businesses sell you anything you wanted to buy online to making those businesses pay increasingly high fees to even be discovered online. Everyone, from buyers to sellers, is pretty much entrenched in the platform, so Amazon gets to dictate the terms.

Today, on the Lock and Code podcast with host David Ruiz, we speak with Doctorow about enshittification’s fast damage across the internet, how to fight back, and where it all started.

 ”Once these laws were established, the tech companies were able to take advantage of them. And today we have a bunch of companies that aren’t tech companies that are nevertheless using technology to rig the game in ways that the tech companies pioneered.”

Tune in today to listen to the full conversation.

Show notes and credits:

Intro Music: “Spellbound” by Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 4.0 License
http://creativecommons.org/licenses/by/4.0/
Outro Music: “Good God” by Wowa (unminus.com)

---

Listen up—Malwarebytes doesn’t just talk cybersecurity, we provide it.

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being with our exclusive offer for Malwarebytes Premium Security for Lock and Code listeners.

The New Frontier of Agentic Development: Accelerating Developer Productivity

The world of software development is undergoing a rapid transformation, driven by the rise of AI agents and autonomous tools. Factory is advancing this shift through agent-native development, a new paradigm where developers focus on high-level design and agents, called Droids, handle the execution. Designed to support work across the software development lifecycle, these agents enable a new mode of development, delivering significant gains in speed and productivity, without sacrificing developer control.

As developer workflows increasingly rely on autonomous development agents, the way software is built evolves. This shift introduces important security considerations, such as prompt injection, sensitive data loss, unsafe URL access and malicious code execution, which, if left unaddressed, can undermine the very benefits these agents offer. Accelerating productivity depends not just on deploying agents, but on deploying them securely. This is where Palo Alto Networks, with its purpose-built AI security platform, Prisma^® AIRS™, plays a critical role.

The Productivity Paradox: Where Agents Introduce Risk

Autonomous agents operating across the software development lifecycle accelerate developer productivity, while also introducing a complex, language-driven threat surface that traditional security tools are not equipped to handle. As a result, new risks emerge, such as prompt injection or leaking secrets that extend beyond the visibility and control assumptions of traditional security approaches. Addressing these considerations is essential to preserving the benefits that agentic development provides.

Recognizing this shift, Palo Alto Networks has introduced targeted capabilities to accelerate secure development workflows. These efforts focus on three critical defense areas: preventing prompt injection, blocking sensitive data leaks and enabling robust malicious code detection capabilities, all of which are necessary to secure the full lifecycle of agent-driven systems.

The Solution: Securing Agentic Workflows for Acceleration

The solution is designed to convert security challenges directly into deployment confidence, dramatically accelerating productivity. By natively integrating Prisma AIRS within Factory’s Droid Shield Plus, the platform is able to inspect all large language model (LLM) interactions, including prompts, responses and subsequent tool calls, to enable comprehensive security across each interaction with the agent.

Prisma AIRS is a comprehensive platform designed to provide organizations with the visibility and control needed to safeguard AI agents across any environment. The platform continuously monitors agent behavior in real time to detect and prevent threats unique to agent-driven systems.

How Security Drives Speed

Embedding security natively into the Factory platform enables two crucial outcomes. To start, it delivers a secure, agent-native development experience for every developer, fostering immediate trust in the integrity of the generated code and documentation. This assurance removes friction often associated with AI-powered workflows, which can accelerate enterprise adoption and scaling of the Factory platform across the organization.

When developers can trust the agents and the integrity of the generated code and documentation, they can innovate faster and deploy with greater confidence. Instead of waiting for security reviews or dealing with fragmentation, security is woven seamlessly into the development lifecycle.

The integration follows a clear API Intercept design pattern:

• When a user enters a prompt or initiates work in Factory, Prisma AIRS intercepts the workflow. If a malicious prompt is detected, the platform can add logic to coach or block the user.

• Similarly, after the LLM generates code, Prisma AIRS intercepts the generated content. If secrets are detected, the platform again adds logic to coach or block the result before it reaches Factory or the user.

This real-time inspection of prompts and generated code enables development teams to be protected against threats, such as privilege escalation, prompt injection and malicious code execution, without disrupting developer velocity.

Deploy Bravely

Prisma AIRS 2.0 establishes a unified foundation for scalable and secure AI innovation. By combining Factory’s agent-native development platform with the threat detection capabilities of Palo Alto Networks Prisma AIRS, organizations gain a powerful advantage. Together, this approach helps organizations adopt agentic development with confidence by embedding security directly into the development experience.

For enterprises looking to confidently scale AI automation and realize the immense productivity gains offered by Factory’s Droids, integrating Prisma AIRS is the next step. This combined approach enables teams to "Deploy Bravely." To learn more about this strategic partnership and integration, see our latest integration announcement and review the Droid Shield Plus integration documentation.

---

Key Takeaways for Secure Agentic Development

When adopting Factory with Prisma AIRS, enterprises realize immediate benefits that accelerate their AI strategy:

1. Specialized Threat Defense
   Enterprises gain real-time, targeted protection against agent-specific threats, specifically prompt injection attacks and data leaks, which legacy tools cannot address.
2. Native, Seamless Security
   Moving from a fragmented review process to a continuous, automated defense via API Interception, security enables compliance without slowing down development velocity.
3. Deployment Confidence
   The native integration transforms security risks into operational assurance, accelerating the large-scale enterprise adoption and scaling of your Factory agent-native automation initiatives.

The post Prisma AIRS Secures the Power of Factory’s Software Development Agents appeared first on Palo Alto Networks Blog.

Artificial intelligence has shifted to being the primary engine for market leadership. To compete, enterprises are shifting from general-purpose computing to AI factories, specialized infrastructures designed to manage the entire lifecycle of AI. However, this transition requires robust security without sacrificing performance and efficiency.

We are proud to announce that Palo Alto Networks Prisma^® AIRS™, accelerated on the NVIDIA BlueField data processing unit (DPU), is now part of the NVIDIA Enterprise AI Factory validated design.

The integrated solution embeds zero trust security directly into the AI infrastructure, providing comprehensive protection without impacting AI performance. By deploying Palo Alto Networks Prisma^® AIRS™ Network Intercept directly onto the NVIDIA BlueField and extending to the cloud, Prisma AIRS establishes an essential zero trust governance fabric for the AI factory, enabling enterprises to accelerate innovation while maintaining control.

This critical architectural shift enables optimal AI performance and infrastructure efficiency by offloading security processing to an isolated domain, while leveraging the DPU's hardware acceleration via NVIDIA DOCA to enforce security policies at line speed. The implementation also leverages real-time workload information captured using DOCA Argus, which is then passed to Cortex XSIAM^® where it is used for AI-driven responses using the Cortex XSOAR^® orchestration platform.

Rich Campagna, SVP Product Management, Palo Alto Networks said:

The AI Factory is the new engine for value creation, and securing it is a board-level imperative. The validation of Palo Alto Networks Prisma AIRS accelerated with NVIDIA BlueField within the NVIDIA Enterprise AI Factory enables a new security architecture for the AI era. We are embedding trust directly into the infrastructure, giving leaders the confidence to safeguard their proprietary intelligence and deploy AI bravely.

Kevin Deierling, senior vice president of Networking at NVIDIA said:

AI is transforming every industry and security must evolve to protect AI factories. To be scalable, security must be distributed and embedded within the AI infrastructure. This is achieved with NVIDIA BlueField running Palo Alto Networks Prisma AIRS to deliver robust, runtime security for the AI factory, with optimal AI performance and efficiency.

Deploy AI Bravely with a Future-Proof Foundation

The Future of Secure AI Factories

In addition to deploying Palo Alto Networks Prisma AIRS on NVIDIA BlueField in a distributed model, it’s essential to maintain a centralized Hyperscale Security Firewall (HSF) cluster at the ingress and egress points of the AI factory to enforce a defense-in-depth strategy. Beyond network segmentation, individual workloads can selectively route traffic through hyperscale clusters to detect advanced application-layer threats and prevent lateral movement. These hyperscale firewall clusters scale elastically with demand, delivering session resiliency and the high availability required for critical AI operations.

This architecture fundamentally improves the Total Cost of Ownership (TCO) for AI infrastructure. By isolating security functions on BlueField, enterprises enable 100% of host computing resources to be dedicated to AI applications. This elimination of resource contention allows the AI Factory to maximize token throughput and capital efficiency.

This validated design is the blueprint for immediate efficiency. It provides a seamless path for enterprises to shift from general-purpose clusters to secure AI factory infrastructure without costly overhauls. More importantly, this collaboration establishes an unparalleled roadmap for future-proofing your investment. By securing operations with the high-performance NVIDIA BlueField-3 today, the architecture is inherently ready for the next generation, NVIDIA BlueField-4. This forward compatibility helps AI factories immediately handle gigascale demands, scaling up to 6X the compute power and doubling the bandwidth when BlueField-4 becomes available.

The inclusion of the Palo Alto Networks Prisma AIRS platform in the NVIDIA Enterprise AI Factory Validated Design bolsters enterprise AI security. By establishing the zero trust governance fabric of Prisma AIRS runtime security on NVIDIA BlueField, organizations gain a comprehensive defense. Proprietary and sensitive data is secured throughout the entire stack, and models are protected from adversarial threats, such as prompt injection attacks. With Prisma AIRS, the world's most comprehensive AI security platform, leaders gain the confidence to innovate and deploy AI bravely. This validated design is the essential blueprint for securely accelerating your market leadership without compromising security.

Join our "How to Secure the AI Factory" breakout session at NVIDIA GTC 2026, March 16-19, in San Jose, CA to hear more about this transformative solution and accelerate your AI innovation securely.

The post Palo Alto Networks Announces Support for NVIDIA Enterprise AI Factory appeared first on Palo Alto Networks Blog.