Advisories 11 May 2026

First AI-Generated Zero-Day Exploit – 2FA Bypass in Open-Source Web Admin Tool

Scope: Open-Source Web-Based System Administration Tool (Vendor Unspecified)

Advisories 11 May 2026
Active Malvertising Campaign Abusing Google Ads and Claude.ai to Deliver Mac Infostealer

Scope: macOS Users (Targeting AI Tool Search Traffic)

Severity: High

Advisories 11 May 2026
LiteLLM Pre-Authentication SQL Injection – Added to CISA KEV (CVE-2026-42208)

Scope: LiteLLM Proxy Versions 1.81.16 – 1.83.6

Severity: Red

Advisories 11 May 2026
Ollama "Bleeding Llama" Heap Memory Leak Exposing LLM API Keys (CVE-2026-7482)

Scope: Ollama (Versions Prior to 0.17.1 / Windows Prior to 0.23.0)

Advisories 7 May 2026
Apache HTTP Server HTTP/2 Double-Free Vulnerability Enabling DoS and RCE (CVE-2026-23918)

Scope: Apache HTTP Server 2.4.66 (mod_http2 with multi-threaded MPM)

Advisories 7 May 2026
DAEMON Tools Supply Chain Attack – Official Installers Trojanized Since April 8, 2026

Scope: DAEMON Tools Lite (Versions 12.5.0.2421 – 12.5.0.2434)

Advisories 7 May 2026
Quasar Linux (QLNX) Implant Targeting Developer and DevOps Environments

Scope: Linux Developer Workstations, DevOps Infrastructure (npm, PyPI, GitHub, AWS, Docker, Kubernet

Subscribe to Advisories