Malicious code in rlask (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 baacd735e23c83962845507427fa53c89bdc2e8e0456dbbce6f00a91bf4fe002 Typosquatting package published from a compromised account with an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed usi...

MAL-2026-5303 Malicious code in rlask (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 baacd735e23c83962845507427fa53c89bdc2e8e0456dbbce6f00a91bf4fe002 Typosquatting package published from a compromised account with an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed usi...

Malicious code in rsquests (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b32959e10bc6b1df57d105a5e5d74cbe7b69660cb7a1e78185d3f5e0e0f07e10 Typosquatting package published from a compromised account with an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed usi...

MAL-2026-5304 Malicious code in rsquests (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b32959e10bc6b1df57d105a5e5d74cbe7b69660cb7a1e78185d3f5e0e0f07e10 Typosquatting package published from a compromised account with an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed usi...

MAL-2026-5302 Malicious code in nhmpy (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 0b2d6b794431c52ef6b905eb676d70274a792cbca1b266a3405734a7a900860b Typosquatting package published from a compromised account with an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed usi...

UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign

Cybersecurity researchers have disclosed details of a financially motivated data theft extortion campaign that has targeted dozens of organizations across professional, legal, and financial services in the U.S. between January and May 2026. The activity has been attributed by Google Mandiant and...

A week in security (June 1 – June 7)

Last week on Malwarebytes Labs: Your phone called. It needs a cleanup. Fake BlueWallet steals passwords, accounts, and crypto from Macs Fake virus alerts are invading mobile games 23andMe exposed genetic information of millions, lawsuit says These convincing copyright notices are designed to stea...

CVE-2026-10803

A flaw was found in MLflow. This vulnerability stems from the use of a weak hash algorithm within the Dataset Digest Computation component. A local attacker could potentially exploit this weakness, which may impact the integrity or authenticity of data. Exploitation is considered difficult due to...

TigerVNC: x0vncserver: TigerVNC x0vncserver: Information disclosure, data manipulation, and denial of service via incorrect permissions

A flaw was found in TigerVNC's x0vncserver component. Due to incorrect permissions in the Image.cxx file, other users on the system can observe or manipulate the screen contents of a running session. This vulnerability could also lead to an application crash, resulting in a Denial of Service DoS...

tornado: Tornado: Cookie attribute injection due to improper handling of cookie arguments

A flaw was found in Tornado. A remote attacker could exploit this vulnerability by injecting specially crafted characters into the domain, path, and samesite arguments when setting cookies. This could lead to cookie attribute injection, potentially allowing for information disclosure or...

Important: nvidia-fabricmanager

Issue Overview: NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successful exploit of this vulnerability might lead to data tampering and denial of service...

Important: nvidia-persistenced

Issue Overview: NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successful exploit of this vulnerability might lead to data tampering and denial of service...

VulnCheck KEV: CVE-2026-7482

Ollama before 0.17.1 contains a heap out-of-bounds read vulnerability in the GGUF model loader. The /api/create endpoint accepts an attacker-supplied GGUF file in which the declared tensor offset and size exceed the file's actual length; during quantization in fs/ggml/gguf.go and...

PT-2026-47617

Summary The TDengine DAQ storage connector's escapeTdString at server/runtime/storage/tdengine/index.js:10 doubles single quotes but does not escape backslashes. TDengine's SQL parser treats ' as a literal single quote inside a string, so a tag id of the form x' OR 1=1-- escapes the first single...

PT-2026-47332

Improper Handling of Highly Compressed Data Data Amplification vulnerability in wojtekmach Req allows attacker-controlled HTTP servers to exhaust memory in a Req client via decompression-bomb response bodies. Req's default response pipeline includes Req.Steps.decode body/1 and Req.Steps.decompres...

Amazon Linux 2023 : nvidia-open (ALAS2023NVIDIA-2026-284)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023NVIDIA-2026-284 advisory. NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successfu...

Amazon Linux 2023 : cuda-drivers (ALAS2023NVIDIA-2026-295)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023NVIDIA-2026-295 advisory. NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successfu...

PT-2026-47623

Name of the Vulnerable Software and Affected Versions nebula-mesh versions prior to 0.3.1 Description The handleGetAuditLog function in internal/api/audit.go fails to perform an administrative privilege check. While the endpoint is protected by bearer authentication, any valid operator API key...

Important: kmod-nvidia-latest-dkms

Issue Overview: NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successful exploit of this vulnerability might lead to data tampering and denial of service...

State of Agentic AI Security and Governance

An OWASP white paper analyzing the security, governance, and risk management considerations surrounding agentic AI systems, including autonomous decision-making, tool access, prompt injection, data protection, and organizational oversight. This is version 2.01...