← Latest brief

Security news.

·Afternoon Brief

Today's security news highlights a surge in malvertising and supply chain attacks, with hackers leveraging Google Ads, AI chat platforms, and compromised download sites to distribute malware. Critical vulnerabilities in Ollama and Ivanti EPMM are also under active exploitation, underscoring the need for immediate patch

BLEEPINGMALWARE
May 10READ

Hackers Abuse Google Ads, Claude.ai Chats to Push Mac Malware

Attackers are using malvertising campaigns via Google Ads and legitimate Claude.ai shared chats to trick users searching for "Claude mac download" into installing malware on their Macs.

THNBREACH
May 10READ

Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak

A critical out-of-bounds read flaw (CVE-2026-7482, CVSS 9.1) in Ollama, codenamed "Bleeding Llama," could allow remote, unauthenticated attackers to leak entire process memory, impacting over 300,000 servers.

BLEEPINGBREACH
May 9READ

JDownloader Site Hacked to Replace Installers with Python RAT Malware

The official website for the popular JDownloader download manager was compromised, distributing malicious Windows and Linux installers that deploy a Python-based remote access trojan.

BLEEPINGMALWARE
May 9READ

Fake OpenAI Repository on Hugging Face Pushes Infostealer Malware

A malicious Hugging Face repository impersonating OpenAI's "Privacy Filter" project made it to the trending list, delivering information-stealing malware to Windows users.

CISAKEV
May 8READ

CISA Adds BerriAI LiteLLM SQL Injection Vulnerability to KEV Catalog

CISA has added CVE-2026-42208, a SQL Injection vulnerability in BerriAI LiteLLM, to its Known Exploited Vulnerabilities Catalog, urging federal agencies to patch.

BLEEPINGZERO-DAY
May 8READ

CISA Gives Feds Four Days to Patch Ivanti Flaw Exploited as Zero-Day

CISA has mandated federal agencies patch a high-severity Ivanti Endpoint Manager Mobile (EPMM) vulnerability (CVE-2026-6973) within four days due to active zero-day exploitation.

DARK READING
May 8READ

ShinyHunters Claims Second Attack Against Instructure

The edtech company Instructure, owner of the Canvas LMS, is reportedly struggling with a second attack by ShinyHunters, potentially exposing PII of hundreds of millions.

BLEEPINGBREACH
May 8READ

Trellix Source Code Breach Claimed by RansomHouse Hackers

The RansomHouse threat group has claimed responsibility for the Trellix source code repository breach, leaking images as proof of their intrusion.

Generated twice daily from public security RSS feeds. Informational only.