Risk
-
Fake OpenAI privacy filter repository hit top of Hugging Face trending list
A malicious Hugging Face repository impersonating OpenAI’s Privacy Filter model reached the platform’s trending list before being disabled. HiddenLayer said it delivered Windows infostealer malware and drew about 244,000 downloads in 18 hours.
-
Ollama flaw could expose process memory from exposed servers, researchers say
Researchers say a critical Ollama flaw could let remote attackers leak process memory from exposed servers, while separate Windows update bugs may allow persistent code execution. The disclosures affect widely used local AI software.
-
Sri Lanka arrests 37 Chinese nationals in suspected scam centre raid
Sri Lankan police arrested 37 Chinese nationals in a suburb of Colombo after raiding a suspected scam centre, seizing phones, tablets and SIM cards. Officials say the case fits a broader pattern of suspected fraud compounds in the country.
-
New Linux PamDOORa backdoor sold on cybercrime forum, researchers say
Researchers disclosed PamDOORa, a Linux backdoor sold on a Russian cybercrime forum for up to $1,600. The PAM-based tool can provide persistent SSH access, harvest credentials and tamper with logs, though no real-world use has been seen.
-
Ivanti says EPMM flaw exploited in limited attacks, CISA adds it to watchlist
Ivanti said a high-severity flaw in its Endpoint Manager Mobile software has been used in limited attacks and can allow remote code execution on affected on-premises systems. CISA added the issue to its exploited vulnerability catalog.
-
Australia warns of ClickFix attacks spreading Vidar Stealer malware
Australia’s cyber security agency warned of a ClickFix campaign using compromised WordPress sites to push Vidar Stealer. The advisory recommends restricting PowerShell, using allow-listing and updating WordPress plugins and themes.
-
Two US nationals sentenced for helping North Korea run laptop farms
Two U.S. nationals were sentenced to 18 months in prison for hosting laptops that helped North Korea’s remote IT worker scheme, which affected nearly 70 U.S. companies and generated about $1.2 million.
-
Fake Claude AI site pushes new Windows backdoor Beagle
A fake Claude AI website is pushing a malicious Claude-Pro Relay download that installs a new Windows backdoor called Beagle. The campaign uses a lookalike site, a 505MB archive and multiple malware delivery methods.
-
US commerce unit expands AI model testing agreements with Google, Microsoft and xAI
A US commerce unit has signed agreements with Google DeepMind, Microsoft and xAI to test frontier AI models before release, joining earlier deals with Anthropic and OpenAI as Washington weighs broader oversight.
-
vm2 library hit by a dozen critical Node.js sandbox escape flaws
A dozen critical vm2 vulnerabilities disclosed on May 7, 2026 can let attackers escape Node.js sandboxes, run code on the host and bypass allowlists. Fixes are available in vm2 3.11.2 and earlier patch releases.
