CVE-2026-7482 in Ollama Exposes 300,000 AI Servers to Memory Leaks
May 11, 2026
CVE-2026-7482, dubbed ‘Bleeding Llama,’ exposes 300,000+ Ollama AI servers to heap memory leaks via a crafted GGUF file. Patch to
Application Security
CVE-2026-7482 in Ollama Exposes 300,000 AI Servers to Memory Leaks
CVE-2026-7482, dubbed 'Bleeding Llama,' exposes 300,000+ Ollama AI servers to heap memory leaks via a crafted GGUF file. Patch to version 0.17.1 is available.
JDownloader Website Hacked to Serve Python RAT Malware
Unknown attackers compromised the official JDownloader website and replaced legitimate Windows and Linux installers with a Python-based remote access trojan.
Fake OpenAI Repo Trended on Hugging Face Before Malware Found
A fraudulent OpenAI repository reached Hugging Face's trending list while distributing infostealing malware targeting credentials and access tokens.
cPanel and WHM Patch Three CVEs, Two Rated High Severity
cPanel patched two CVSS 8.8 flaws including Perl code execution in WHM, as the 40,000-server CVE-2026-41940 campaign remains active.
Twelve Critical vm2 Vulnerabilities Allow Node.js Sandbox Escape
Researchers disclosed 12 critical vulnerabilities in the widely-used vm2 Node.js sandbox library, all enabling sandbox escape and arbitrary code execution on the host system.
RCE, MCP OAuth Hijack, and Prompt Injection Found in Claude Dev Tools
Security researchers from Adversa AI and Mitiga disclosed a one-click RCE, silent MCP OAuth token hijacking, and a Chrome extension prompt injection vulnerability in Claude ...
Actively Exploited Ivanti EPMM CVE-2026-6973 Added to CISA KEV
Ivanti disclosed CVE-2026-6973, an actively exploited RCE vulnerability in EPMM 12.8.0.0 and earlier. CISA set a May 10 federal remediation deadline.
ZiChatBot Backdoor Uses Zulip API as C2 in PyPI Supply Chain Attack
Three PyPI packages with 2,400+ combined downloads delivered ZiChatBot malware to developer machines, abusing Zulip's REST API as a covert C2 channel with code links ...
Quasar Linux RAT Hijacks Developer Systems to Compromise Supply Chains
Researchers identified a Linux variant of Quasar RAT targeting developer systems to steal source code access, CI/CD credentials, and signing keys for supply chain attacks.
DAEMON Tools Build Breach Spread Three-Stage Backdoor for 27 Days
Disc Soft confirmed a build environment compromise that distributed trojanized DAEMON Tools Lite installers deploying an infostealer, backdoor, and QUIC RAT to users across 100+ ...
JDownloader Website Hacked to Serve Python RAT Malware
May 11, 2026
Unknown attackers compromised the official JDownloader website and replaced legitimate Windows and Linux installers with a Python-based remote access trojan.
Fake OpenAI Repo Trended on Hugging Face Before Malware Found
May 11, 2026
A fraudulent OpenAI repository reached Hugging Face’s trending list while distributing infostealing malware targeting credentials and access tokens.
cPanel and WHM Patch Three CVEs, Two Rated High Severity
May 11, 2026
cPanel patched two CVSS 8.8 flaws including Perl code execution in WHM, as the 40,000-server CVE-2026-41940 campaign remains active.
Twelve Critical vm2 Vulnerabilities Allow Node.js Sandbox Escape
May 8, 2026
Researchers disclosed 12 critical vulnerabilities in the widely-used vm2 Node.js sandbox library, all enabling sandbox escape and arbitrary code execution
RCE, MCP OAuth Hijack, and Prompt Injection Found in Claude Dev Tools
May 8, 2026
Security researchers from Adversa AI and Mitiga disclosed a one-click RCE, silent MCP OAuth token hijacking, and a Chrome extension
Actively Exploited Ivanti EPMM CVE-2026-6973 Added to CISA KEV
May 8, 2026
Ivanti disclosed CVE-2026-6973, an actively exploited RCE vulnerability in EPMM 12.8.0.0 and earlier. CISA set a May 10 federal remediation
ZiChatBot Backdoor Uses Zulip API as C2 in PyPI Supply Chain Attack
May 8, 2026
Three PyPI packages with 2,400+ combined downloads delivered ZiChatBot malware to developer machines, abusing Zulip’s REST API as a covert
Quasar Linux RAT Hijacks Developer Systems to Compromise Supply Chains
May 8, 2026
Researchers identified a Linux variant of Quasar RAT targeting developer systems to steal source code access, CI/CD credentials, and signing
DAEMON Tools Build Breach Spread Three-Stage Backdoor for 27 Days
May 8, 2026
Disc Soft confirmed a build environment compromise that distributed trojanized DAEMON Tools Lite installers deploying an infostealer, backdoor, and QUIC
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.