A critical vulnerability in Ollama allows remote attackers to leak process memory through an out-of-bounds read flaw, potentially affecting hundreds of thousands of servers.
A new unpatched local privilege escalation vulnerability named Dirty Frag has been reported in the Linux kernel, succeeding the previously disclosed and actively exploited Copy Fail...
Researchers have revealed a new Linux backdoor called PamDOORa, which leverages PAM modules to maintain persistent SSH access using a magic password and a specific TCP...
A newly identified Linux Remote Access Trojan called Quasar Linux RAT (QLNX) is targeting developers to harvest credentials and enable supply chain compromises.
A new phishing campaign uses Google paid search ads to lure users into fake GoDaddy ManageWP login pages, aiming to steal credentials for managing WordPress websites.
Researchers have revealed a Mirai-derived botnet named xlabs_v1 that exploits exposed Android Debug Bridge on IoT devices to build a DDoS attack network.
Gartner's Market Guide for Guardian Agents highlights rapid enterprise adoption of AI agents surpassing the development of governance policies, raising concerns for security teams.
Iranian threat actor MuddyWater has employed Microsoft Teams in a false flag ransomware attack, using social engineering to gain credentials. The campaign, observed by Rapid7 in...
Researchers identify a large-scale fraud operation leveraging Telegram Mini Apps to conduct cryptocurrency scams, brand impersonation, and malware delivery on Android devices.
May 10, 2026
May 10, 2026
