Critical Remote Code Execution Vulnerability Patched in Android
Google announced on Monday the release of an Android update patching a critical vulnerability that can be exploited for remote code execution. The flaw, tracked…
Category: SecurityWeek
Critical Bug Could Expose 300,000 Ollama Deployments to Information Theft
Roughly 300,000 Ollama deployments are prone to sensitive information theft through a remotely exploitable, unauthenticated critical vulnerability, Cyera warns. Ollama is an open source solution…
Microsoft Warns of Sophisticated Phishing Campaign Targeting US Organizations
Microsoft has warned organizations in the United States about a sophisticated phishing campaign that uses a “code of conduct review” theme to lure victims to…
Hacker Conversations: Joey Melo on Hacking AI
Joey Melo’s personal approach to hacking is less about deconstructing an original and then reconstructing it for a different purpose, and more about controlling the…
MetInfo, Weaver E-cology Vulnerabilities in Attackers’ Crosshairs
Threat actors have separately started exploiting two critical-severity vulnerabilities in MetInfo and Weaver E-cology that allow them to execute arbitrary code remotely, without authentication. MetInfo…
DigiCert Revokes Certificates After Support Portal Hack
DigiCert last week announced that certificates fraudulently obtained from its internal support portal after a cyberattack were revoked. The attack, the company said in a…
Cisco Moves to Acquire Astrix Security to Tackle Non-Human Identity Risks
Cisco on Monday announced its intent to acquire Astrix Security, a startup focused on securing non-human identities (NHIs) such as API keys, service accounts, and OAuth tokens…
Trellix Source Code Repository Breached
Cybersecurity company Trellix says a part of its source code repository was recently breached, but shared little other information about the incident. Trellix said it…
Cybersecurity M&A Roundup: 33 Deals Announced in April 2026
Thirty-three cybersecurity-related merger and acquisition (M&A) deals were announced in April 2026. For a detailed view of the more than 420 acquisitions announced in 2025,…
Over 40,000 Servers Compromised in Ongoing cPanel Exploitation
More than 40,000 servers have likely been compromised as attackers ramp up exploitation of a recently patched cPanel zero-day. As part of the ongoing campaign,…
US Military Reaches Deals With 7 Tech Companies to Use Their AI on Classified Systems
The Pentagon said Friday that it has reached deals with seven tech companies to use their artificial intelligence in its classified computer networks, allowing the…
1,800 Hit in Mini Shai-Hulud Attack on SAP, Lightning, Intercom
Over 1,800 developers were affected by the Mini Shai-Hulud supply chain attack that hit the PyPi, NPM, and PHP ecosystems over the past two days.…