David

Security Stuff

Author

David

Category

Technology

Latest episode

Jul 2, 2026

Where to listen?

Podcasts in the app Replaio Radio Coming soon

Podcasts are coming to the app soon. Install now and be the first to see a whole new take on podcasts

Get it on Google Play Install for free Android 5M+ downloads · 4.8 rating iOS soon

Episodes

Hugging Face, ClawHub Abused for Malware Distribution 01.05.2026

Cybercriminals are exploiting AI distribution platforms Hugging Face and ClawHub to spread malware by disguising malicious code as legitimate shared files, according to security firm Acronis. Acronis discovered nearly 600 malicious skills on ClawHub distributing trojans, cryptominers, and information stealers for Windows and macOS, while multiple campaigns on Hugging Face targeted Windows, Linux,...

FBI Warns of Surge in Hacker-Enabled Cargo Theft 01.05.2026

The FBI is warning about a dramatic surge in cyber-enabled cargo theft, with criminal gangs using phishing emails, malware, and fake identities to steal high-value shipments from logistics companies. These sophisticated attacks cost the industry over 700 million dollars in 2025, a 60 percent jump from the previous year, as hackers compromise shipping brokers and carriers to hijack legitimate freig...

Cisco Releases Open Source Tool for AI Model Provenance 01.05.2026

Cisco has released an open source tool called Model Provenance Kit to help organizations verify the origins and integrity of third-party AI models. The Python-based toolkit creates unique fingerprints for AI models by analyzing metadata, tokenizer similarity, and weight-level identity signals, then compares them against a database to trace lineage and identify potential security vulnerabilities, b...

Sophisticated Deep#Door Backdoor Enables Espionage, Disruption 01.05.2026

Security researchers at Securonix have uncovered Deep#Door, a sophisticated Python-based backdoor that targets Windows systems with an aggressive multi-layered approach to espionage and disruption. The malware disables security controls like Windows Defender and firewalls, establishes persistent access through multiple methods, and performs extensive surveillance including keylogging, screenshot c...

Two US Security Experts Sentenced to Prison for Helping Ransomware Gang 01.05.2026

Two cybersecurity professionals, Ryan Goldberg and Kevin Martin, have each been sentenced to four years in prison for conducting ransomware attacks using the BlackCat and Alphv malware while working as security experts at legitimate firms. The pair, along with a third defendant awaiting sentencing, flipped from defenders to criminals, targeting companies and collecting roughly 1.2 million dollars...

Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft 01.05.2026

Security researchers have uncovered a sophisticated supply chain attack targeting developers through poisoned Ruby Gems and Go Modules designed to steal credentials from continuous integration and deployment pipelines. The malicious packages exploit the automated nature of CI/CD systems, where they run with elevated privileges and have access to sensitive authentication tokens and environment vari...

Two Cybersecurity Professionals Get 4-Year Sentences in BlackCat Ransomware Attacks 01.05.2026

Two cybersecurity professionals have been sentenced to four years in prison for their involvement in BlackCat ransomware attacks. The case highlights a troubling trend where security experts misuse their skills and insider knowledge to facilitate cybercrime. The sentences underscore growing judicial efforts to hold technically sophisticated criminals accountable, particularly when they exploit the...

20 Years in Cyber: Dark Reading Marks Milestone With Month of Special Coverage 01.05.2026

Dark Reading, the cybersecurity news site, is celebrating its 20th anniversary, having launched on this day in 2006. The publication is marking the milestone with a month-long celebration that will include special coverage spanning the two decades of cybersecurity developments it has documented. Readers are being invited to participate in the anniversary celebrations as Dark Reading reflects on it...

Top Five Sales Challenges Costing MSPs Cybersecurity Revenue 01.05.2026

Managed service providers are leaving money on the table when it comes to cybersecurity sales, according to a new industry analysis. The report identifies five critical challenges preventing MSPs from maximizing their security revenue, including difficulties in communicating the value of cybersecurity services to clients and effectively packaging security solutions. As cyber threats continue to es...

Name That Toon: Mark of (Security) Progress 01.05.2026

Dark Reading is celebrating its 20th anniversary by bringing back its "Name That Toon" contest, inviting readers to submit creative cybersecurity-related captions for a cartoon showing scenes from 2006 and 2026. Contestants have until May 26th to submit their entries via email or social media, with the winner receiving a twenty dollar gift card and having their caption published alongsid...

Sandhills Medical Says Ransomware Breach Affects 170,000 30.04.2026

South Carolina healthcare provider Sandhills Medical Foundation has disclosed a ransomware attack affecting nearly 170,000 patients, discovered in May 2025 but only publicly disclosed nearly a year later. The breach exposed highly sensitive information including social security numbers, financial data, driver's licenses, and personal health records. The Inc Ransom cybercrime group has since l...

‘Copy Fail’ Logic Flaw in Linux Kernel Enables System Takeover 30.04.2026

A critical logic flaw dubbed "Copy Fail" in the Linux kernel has been discovered that allows unprivileged attackers to gain root access on systems running most Linux distributions since 2017. The vulnerability, tracked as CVE-2026-31431 with a severity score of 7.8, can be exploited using a simple 732-byte Python script to modify the in-memory copy of setuid-root binaries, posing particu...

EnOcean SmartServer Flaws Expose Buildings to Remote Hacking 30.04.2026

Security researchers at Claroty have discovered critical vulnerabilities in EnOcean's SmartServer IoT platform that could allow hackers to remotely take control of building management and automation systems used in smart buildings, factories, and data centers. The flaws enable attackers to bypass memory protections and execute arbitrary commands with root privileges on the Linux-based devices...

Critical cPanel & WHM Vulnerability Exploited as Zero-Day for Months 30.04.2026

A critical authentication bypass vulnerability in cPanel and WebHost Manager has been exploited in the wild since February, allowing unauthenticated attackers to gain full administrative control over affected systems. The flaw, tracked as CVE-2026-41940 with a severity score of 9.8, affects all versions after 11.40 and could compromise all websites on shared hosting servers, with roughly 1.5 milli...

Critical Gemini CLI Flaw Enabled Host Code Execution, Supply Chain Attacks 30.04.2026

Security researchers at Novee Security discovered a critical vulnerability in Google's Gemini CLI tool that could have allowed attackers to execute arbitrary code on host systems and carry out supply chain attacks. The flaw stemmed from Gemini CLI automatically trusting and loading agent configurations from workspace folders without any security checks or human approval, giving attackers with...

Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution 30.04.2026

Google has patched critical security vulnerabilities, including a maximum severity CVSS 10 flaw in the Gemini command-line interface that enabled remote code execution through continuous integration pipelines. The company also fixed similar issues in the Cursor code editor that could allow attackers to execute malicious code. These vulnerabilities posed serious risks to developers and organization...

EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades 30.04.2026

Cybersecurity researchers at Zscaler ThreatLabz have discovered a malware campaign where hackers are distributing EtherRAT malware by disguising it as legitimate administrative tools through fake GitHub repositories. The attackers are creating convincing facades of popular system administration utilities to trick users into downloading the malicious software. This technique leverages GitHub's...

New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions 30.04.2026

A new Linux vulnerability dubbed "Copy Fail" has been discovered that could allow attackers to gain root access on major Linux distributions. The flaw affects the file copying mechanism and poses a significant security risk to systems running vulnerable versions of the operating system. Security researchers are urging Linux users to apply patches as soon as they become available from the...

New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials 30.04.2026

A newly discovered Python-based backdoor is exploiting tunneling services to steal sensitive credentials from web browsers and cloud platforms. The malware establishes covert communication channels that bypass traditional security measures, allowing attackers to extract login information and authentication tokens without detection. Security researchers at Zscaler ThreatLabz are warning organizatio...

Oracle Red Bull Racing Team Revs Up Automation to Boost Security 30.04.2026

The Oracle Red Bull Racing Formula One team has implemented identity and access management automation tools to speed up operations while maintaining security across thousands of servers and team members. The new system reduced wind tunnel recovery time from one hour to just two minutes and centralized credential access for over one hundred service accounts, allowing engineers to quickly troublesho...

Chrome 147, Firefox 150 Security Updates Rolling Out 29.04.2026

Google and Mozilla have released major security updates for their browsers, with Chrome 147 patching thirty vulnerabilities including four critical use-after-free flaws that could allow arbitrary code execution, earning external researchers thirty thousand dollars in bug bounties. Firefox 150 addresses four security defects including critical memory safety bugs that Mozilla says could potentially...

38 Vulnerabilities Found in OpenEMR Medical Software 29.04.2026

Security researchers have discovered 38 vulnerabilities in OpenEMR, an open-source medical records platform used by over 100,000 healthcare providers worldwide to manage data for more than 200 million patients. The flaws, which have now been patched, included critical SQL injection bugs that could have allowed authenticated attackers to steal patient information, compromise databases, and execute...

Iranian Cyber Group Handala Targets US Troops in Bahrain 29.04.2026

The Iranian cyber group Handala, linked to Iran's Ministry of Intelligence and Security, has launched an intimidation campaign targeting US troops stationed in Bahrain through WhatsApp messages claiming the service members are under surveillance and will soon face drone and missile attacks. The group, which has been active since 2008, recently published personal information of over 2,300 US M...

Checkmarx Confirms Data Stolen in Supply Chain Attack 29.04.2026

Checkmarx has confirmed that attackers stole 96 gigabytes of data during last month's supply chain attack on its KICS open source project, including source code, employee databases, API keys, and database credentials. The breach, attributed to the TeamPCP hacking group with potential ties to the Lapsus$ extortion gang, began when hackers compromised Checkmarx's GitHub environment through...

Fresh LiteLLM Vulnerability Exploited Shortly After Disclosure 29.04.2026

A critical SQL injection vulnerability in the open source AI gateway LiteLLM was exploited just 36 hours after being indexed in GitHub's advisory database on April 24th. The flaw, rated 9.3 out of 10 in severity, allowed unauthenticated attackers to access database tables containing API keys and provider credentials by sending a specially crafted authorization header during the proxy's k...

Listen to the Security Stuff podcast in Replaio

Radio and podcasts in one app - free, with no sign-up. Install today and do not miss the launch

Get it on Google Play

Replaio is not a podcast publisher; show names, artwork and audio belong to their authors and are distributed through public RSS feeds.