Google Says AI Helped Build a Zero-Day 2FA Bypass for Mass Exploitation
Google GTIG says an attacker used an AI tool to develop a zero-day two-factor authentication bypass that was intended for mass exploitation. The vendor...
Author profile
Emma Davis
Content editor and security writer focused on making malware-removal and scam-prevention guides easier to understand. Emma reviews structure, clarity, and source consistency before articles are published.
1,039 articles
Editorial review
Reader clarity
Security guidance
Published work
Recent articles by Emma Davis
News · May 11, 2026
Checkmarx Jenkins AST Plugin 2026.5.09 Was Published as Malicious Artifact
Checkmarx says a modified Jenkins AST Scanner plugin was published to Jenkins Marketplace. Jenkins admins should verify versions, avoid 2026.5.09, and rotate CI/CD secrets...
News · May 11, 2026
Fake OpenAI Privacy Filter Repo on Hugging Face Dropped Windows Infostealer
A fake OpenAI Privacy Filter repository on Hugging Face reached trending visibility before removal. HiddenLayer says it shipped a Windows-focused infostealer loader, so anyone...
News · May 10, 2026
Ollama CVE-2026-7482: Bleeding Llama Memory Leak Exposes Prompts and API Keys
Cyera disclosed Bleeding Llama, a critical unauthenticated Ollama memory leak tracked as CVE-2026-7482. Exposed servers should update to v0.17.1 or later, restrict access, and...
News · May 9, 2026
JDownloader Site Hacked: Malicious Installers Delivered Python RAT
JDownloader says some official website download links were swapped on May 6-7, 2026. Windows alternative installers and a Linux shell installer could deliver malware,...
News · May 9, 2026
cPanel & WHM Patch CVE-2026-29201, 29202, 29203: Update Now
cPanel has patched three new WHM and WP Squared vulnerabilities, including code execution and symlink handling flaws. Update with /scripts/upcp --force, verify the build,...
News · May 9, 2026
Ivanti EPMM CVE-2026-6973: Admin-Auth RCE Exploited in Zero-Day Attacks
Ivanti says CVE-2026-6973 is under limited exploitation in on-prem EPMM. The flaw needs admin authentication, but exposed admin panels, stolen sessions, and reused credentials...
News · May 8, 2026
MetInfo CMS CVE-2026-29014: unauthenticated RCE exploitation reported
Researchers warn that MetInfo CMS sites running versions up to 8.2.0 may be exposed to unauthenticated PHP code execution (CVE-2026-29014).
News · May 7, 2026
Malicious PyPI packages delivered ZiChatBot malware via Zulip APIs, Kaspersky says
Kaspersky says malicious PyPI wheel packages dropped ZiChatBot on Windows/Linux and used Zulip REST APIs for C2.
News · May 6, 2026
vm2 CVE-2026-26956: Node.js sandbox escape enables host code execution
A critical sandbox-escape flaw in vm2 3.10.4 can let untrusted Node.js code reach the host environment. Upgrade to vm2 3.10.5 or later.
News · May 6, 2026
MuddyWater used Microsoft Teams screen sharing in a Chaos ransomware ‘false flag,’ Rapid7 says
Security researchers say the Iranian-linked group MuddyWater used Microsoft Teams chats and interactive screen sharing to trick employees into handing over credentials — then...
News · May 6, 2026
Palo Alto PAN-OS CVE-2026-0300 RCE Is Being Exploited
Palo Alto Networks says CVE-2026-0300 is under limited exploitation against exposed User-ID Authentication Portals. Disable or restrict the portal while patches roll out.
