David

Security Stuff

Author

David

Category

Technology

Latest episode

Jul 2, 2026

Where to listen?

Podcasts in the app Replaio Radio Coming soon

Podcasts are coming to the app soon. Install now and be the first to see a whole new take on podcasts

Get it on Google Play Install for free Android 5M+ downloads · 4.8 rating iOS soon

Episodes

Skoda Data Breach Hits Online Shop Customers 11.05.2026

Skoda has disclosed a data breach at its online shop after hackers exploited a software vulnerability to access customer information including names, addresses, email addresses, phone numbers, and password hashes. The automaker, a subsidiary of Volkswagen Group, took the shop offline immediately, patched the vulnerability, and brought in external forensics experts, though the company says its prot...

Google Detects First AI-Generated Zero-Day Exploit 11.05.2026

Google has detected what it believes is the first zero-day exploit developed using artificial intelligence, marking a significant milestone in cyber threats. According to a new report, a prominent cybercrime group used AI to create a Python script designed to bypass two-factor authentication on an open-source system administration tool, with the exploit showing telltale signs of large language mod...

Your Purple Team Isn't Purple — It's Just Red and Blue in the Same Room 11.05.2026

Organizations claiming to have purple teams are often just placing their red and blue teams in the same room without true integration. The article argues that effective purple teaming requires more than physical proximity—it demands genuine collaboration where offensive security testers and defensive teams work together throughout exercises, sharing insights in real-time rather than after the fact...

Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads 11.05.2026

A malicious fake repository masquerading as an OpenAI privacy filter reached the number one spot on Hugging Face and was downloaded 244,000 times before being detected. The fraudulent package exploited users' trust in the popular AI model sharing platform, highlighting growing security concerns around open-source AI repositories. This incident underscores the vulnerability of developer commun...

Cyber Espionage Group Targets Aviation Firms to Steal Map Data 11.05.2026

A cyber espionage group called HeartlessSoul is targeting aerospace firms and drone operators through sophisticated phishing campaigns designed to steal geospatial mapping data, GPS coordinates, and terrain models. The attackers use fake aviation software installers to compromise systems and exfiltrate GIS files, primarily from Russian organizations, giving adversaries insight into infrastructure,...

⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and More 11.05.2026

Security researchers have uncovered multiple threats this week including a new Linux rootkit targeting enterprise systems, a cryptocurrency stealer specifically designed for macOS devices, and sophisticated web skimmers that exploit WebSocket connections to steal payment data from e-commerce sites. These discoveries highlight the continued evolution of attack techniques across different platforms,...

Hackers Use AI for Exploit Development, Attack Automation 11.05.2026

Cybercriminals are now leveraging large language models to take their operations to the next level, using AI not just as a basic tool but to actually write exploits and coordinate sophisticated, multi-stage attacks. This marks a significant evolution in the threat landscape, as hackers automate and accelerate what were once time-consuming manual processes. Security experts warn that AI-powered att...

Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak 10.05.2026

A critical vulnerability in Ollama, a popular platform for running large language models locally, has been discovered that could allow attackers to remotely read process memory through an out-of-bounds read exploit. The security flaw potentially exposes sensitive information stored in the application's memory to unauthorized access. Users are advised to update to the latest version of Ollama...

cPanel, WHM Release Fixes for Three New Vulnerabilities — Patch Now 09.05.2026

cPanel and WHM have released critical security patches addressing three newly discovered vulnerabilities that users need to install immediately. The web hosting management platforms, widely used by hosting providers worldwide, issued the fixes to prevent potential exploitation of these security flaws. System administrators are being urged to apply these updates without delay to protect their hosti...

Ransomware Group Takes Credit for Trellix Hack 08.05.2026

Cybersecurity firm Trellix has been hit by a ransomware attack, with the RansomHouse group claiming responsibility and publishing screenshots showing access to internal services and management dashboards. Trellix confirmed that part of its source code repository was breached but says there's no evidence the code was exploited or that its distribution process was affected. The timing of the at...

‘PCPJack’ Worm Removes TeamPCP Infections, Steals Credentials 08.05.2026

A new malware campaign called PCPJack is targeting systems already infected by the notorious TeamPCP hacking group, removing their tools before deploying its own credential-stealing framework. SentinelOne researchers believe this may be a former TeamPCP operator, as the malware targets similar cloud services and systems but focuses on stealing credentials for spam campaigns, financial fraud, and p...

AI Firm Braintrust Prompts API Key Rotation After Data Breach 08.05.2026

AI evaluation platform Braintrust is urging customers to rotate their API keys after hackers breached an internal AWS account on May 4th, potentially exposing credentials used to access AI models from companies like OpenAI and Anthropic. While only one customer has confirmed impact so far, security experts warn the real risk extends to downstream organizations including Box, Cloudflare, Dropbox, a...

Cyberattack Hits Canvas System Used by Thousands of Schools as Finals Loom 08.05.2026

The Canvas learning management system, used by thousands of schools and universities worldwide, went offline Thursday during a cyberattack claimed by the hacking group ShinyHunters. The outage came at a critical time as students prepare for final exams, with the hackers allegedly accessing billions of private messages and records from nearly 9,000 schools while threatening to leak the data unless...

Polish Security Agency Reports ICS Breaches at Five Water Treatment Plants 08.05.2026

Poland's Internal Security Agency has reported that five water treatment plants were breached in 2025, with attackers gaining access to industrial control systems through weak passwords and internet-exposed systems. In some cases, hackers obtained the ability to modify operational parameters that could have directly threatened public water supplies. The agency attributes the attacks to Russia...

New Linux PamDOORa Backdoor Uses PAM Modules to Steal SSH Credentials 08.05.2026

Cybersecurity researchers have discovered a new Linux backdoor called PamDOORa that targets SSH credentials by exploiting PAM modules, which are Linux's authentication framework. The malware allows attackers to steal login credentials while maintaining persistent access to compromised systems, making it particularly dangerous for server environments. Security experts warn that this represents...

Quasar Linux RAT Steals Developer Credentials for Software Supply Chain Compromise 08.05.2026

Security researchers have discovered a new campaign using the Quasar Linux RAT malware specifically targeting software developers to steal their credentials and compromise the software supply chain. The malware is designed to infiltrate developer systems and extract authentication tokens and credentials that could allow attackers to inject malicious code into legitimate software products. This rep...

One Missed Threat Per Week: What 25M Alerts Reveal About Low-Severity Risk 08.05.2026

A new analysis of 25 million security alerts reveals that organizations miss an average of one legitimate threat per week, primarily because low-severity warnings are overwhelming security teams. The data shows that the sheer volume of minor alerts creates blind spots, causing critical threats to slip through undetected as analysts struggle to prioritize what matters. This highlights a growing cha...

WhatsApp Discloses File Spoofing, Arbitrary URL Scheme Vulnerabilities 05.05.2026

WhatsApp has disclosed two medium-severity vulnerabilities that were patched earlier this year, both discovered through Meta's bug bounty program. The first flaw affected WhatsApp for Windows, allowing attackers to disguise malicious executables as harmless files, while the second impacted iOS and Android versions, potentially enabling attackers to redirect users to phishing sites or trigger...

Karakurt Ransomware Negotiator Sentenced to Prison 05.05.2026

A Latvian member of the notorious Karakurt ransomware gang has been sentenced to eight and a half years in US prison for his role as a negotiator and data analyst in the operation. Deniss Zolotarjovs, who received 10 percent of ransom payments in cryptocurrency, helped extort at least 53 organizations between 2021 and 2023, causing 56 million dollars in losses. The 35-year-old was particularly inv...

MetInfo, Weaver E-cology Vulnerabilities in Attackers’ Crosshairs 05.05.2026

Attackers are actively exploiting two critical vulnerabilities in enterprise software widely used in China. The first flaw in MetInfo, a content management system, allows remote code execution through unauthenticated PHP code injection, with exploitation surging over the weekend primarily targeting servers in Singapore. Separately, threat actors are exploiting a vulnerability in Weaver E-cology, a...

Critical Remote Code Execution Vulnerability Patched in Android 05.05.2026

Google has patched a critical remote code execution vulnerability in Android's System component, tracked as CVE-2026-0073, that affects the Android Debug Bridge daemon and can be exploited without user interaction. The flaw allows attackers to execute code as the shell user without needing additional privileges, though there's no indication it has been exploited in the wild yet. In relat...

Critical, High-Severity Vulnerabilities Patched in Apache MINA, HTTP Server 05.05.2026

Apache has released critical security patches for HTTP Server and MINA software, addressing over a dozen vulnerabilities including flaws that could allow remote code execution. The HTTP Server update fixes 11 vulnerabilities including double-free bugs in HTTP/2 handling and heap buffer overflows, while MINA patches address two critical issues related to incomplete fixes for insecure deserializatio...

Critical Bug Could Expose 300,000 Ollama Deployments to Information Theft 05.05.2026

Security researchers are warning that roughly 300,000 deployments of Ollama, a popular open-source tool for running AI models locally, are vulnerable to a critical security flaw dubbed Bleeding Llama. The vulnerability, tracked as CVE-2026-7482 with a severity score of 9.3, allows attackers to steal sensitive information including API keys, prompts, and messages through just three unauthenticated...

Weaver E-cology RCE Flaw CVE-2026-22679 Actively Exploited via Debug API 05.05.2026

A critical remote code execution vulnerability in Weaver E-cology's Debug API, tracked as CVE-2026-22679, is now being actively exploited in the wild. Security researchers are warning organizations using this enterprise collaboration platform to immediately patch or disable the vulnerable debug interface. The flaw allows attackers to execute arbitrary code remotely, posing a significant threa...

Hacker Conversations: Joey Melo on Hacking AI 05.05.2026

Security researcher Joey Melo has become a leading expert in AI red teaming by applying his penetration testing mindset to the challenge of jailbreaking large language models. His approach involves manipulating AI systems through carefully crafted prompts and context manipulation—essentially bending the AI to his will without changing the underlying code, similar to how he once modified video game...

Listen to the Security Stuff podcast in Replaio

Radio and podcasts in one app - free, with no sign-up. Install today and do not miss the launch

Get it on Google Play

Replaio is not a podcast publisher; show names, artwork and audio belong to their authors and are distributed through public RSS feeds.