Daily Signal - page 26A daily journal at the intersection of AI and cybersecurity. Tuesday, May 5, 2026 Ollama 'Bleeding Llama' Bug Exposes ~300,000 Deployments to Unauthenticated Info Theft vulnerability · llm MetInfo CMS CVE-2026-29014 Under Active Exploitation — Unauthenticated RCE (CVSS 9.8) rce · cve · zero-day · vulnerability ScarCruft Compromises Gaming Platform to Deploy BirdCall Backdoor on Android and Windows supply-chain · malware · zero-day Weaver E-cology CVE-2026-22679 Actively Exploited — CVSS 9.8 Unauthenticated RCE via Debug API rce · cve · zero-day · vulnerability Monday, May 4, 2026 IBM Releases Granite 4.1 LLM Family Under Apache 2.0 model-release · llm · ai-launch Backdoored PyTorch Lightning Package on PyPI Delivers Credential Stealer supply-chain · pypi · malware · infostealer Trellix Discloses Data Breach After Source Code Repository Hack data-breach · supply-chain Anthropic and OpenAI Both Launch Enterprise AI Joint Ventures with Asset Managers anthropic · openai · ai-launch ← Newer Page 26 of 42 Older →
Ollama 'Bleeding Llama' Bug Exposes ~300,000 Deployments to Unauthenticated Info Theft vulnerability · llm
MetInfo CMS CVE-2026-29014 Under Active Exploitation — Unauthenticated RCE (CVSS 9.8) rce · cve · zero-day · vulnerability
ScarCruft Compromises Gaming Platform to Deploy BirdCall Backdoor on Android and Windows supply-chain · malware · zero-day
Weaver E-cology CVE-2026-22679 Actively Exploited — CVSS 9.8 Unauthenticated RCE via Debug API rce · cve · zero-day · vulnerability
Backdoored PyTorch Lightning Package on PyPI Delivers Credential Stealer supply-chain · pypi · malware · infostealer
Anthropic and OpenAI Both Launch Enterprise AI Joint Ventures with Asset Managers anthropic · openai · ai-launch