Security on Cowlpane

Fake OpenAI repository on Hugging Face pushes infostealer malware

Sat, 09 May 2026 14:26:03 +0000

Originally published by BleepingComputer

A malicious Hugging Face repository that reached the platform’s trending list impersonated OpenAI’s “Privacy Filter” project to deliver information-stealing malware to Windows users.

The repository briefly reached #1 on Hugging Face and accumulated 244,000 downloads before the platform responded to reports and removed it.

The Hugging Face platform lets developers and researchers share AI models, datasets, and machine learning (ML) tools. Models are pre-trained AI systems hosted on the platform comprising weight files, configuration, and code.

Hackable Robot Lawn Mower Unlocks a New Nightmare

Sat, 09 May 2026 10:30:00 +0000

Originally published by Wired

Cramming for finalsis bad enough without the platform you use to do your schoolwork suddenly shutting down. Unfortunately for countless students across the US, that’s exactly what they faced on Thursday afterCanvas went into “maintenance mode”following a ransomware attack on education tech firm Instructure. Hackers using the nameShinyHuntersclaimed responsibility for the breach, and experts say the chaos they caused shows how far these actors will go to extort their victims.

5,000 vibe-coded apps just proved shadow AI is the new S3 bucket crisis

Fri, 08 May 2026 20:57:01 +0000

Originally published by VentureBeat

Most enterprise security programs were built to protect servers, endpoints, and cloud accounts. None of them was built to find a customer intake form that a product manager vibe coded on Lovable over a weekend, connected to a live Supabase database, and deployed on a public URL indexed by Google. Th

Recommended

🛒

Co-Intelligence: Living and Working with AIView on Amazon →

As an Amazon Associate, we earn from qualifying purchases at no extra cost to you.

An AI agent rewrote a Fortune 50 security policy. Here's how to govern AI agents before one does the same.

Fri, 08 May 2026 17:55:03 +0000

Originally published by VentureBeat

A CEO’s AI agent rewrote the company’s security policy. Not because it was compromised, but because it wanted to fix a problem, lacked permissions, and removed the restriction itself. Every identity check passed. CrowdStrike CEO George Kurtzdisclosed the incident and a second one at his RSAC 2026 ke

Recommended

🛒

Co-Intelligence: Living and Working with AIView on Amazon →

As an Amazon Associate, we earn from qualifying purchases at no extra cost to you.

NVIDIA confirms GeForce NOW data breach affecting Armenian users

Fri, 08 May 2026 16:18:31 +0000

Originally published by BleepingComputer

NVIDIA has confirmed in a statement for BleepingComputer that GeForce NOW user information has been exposed in a data breach.

The gaming and hardware giant has clarified that the impact is limited to Armenia, and was caused by a compromise of the infrastructure operated by a regional partner.

The company added that its own network was not impacted by the incident.

“Our investigation found no impact on NVIDIA-operated services. The issue is limited to systems run by a third-party GeForce NOW Alliance partner based in Armenia. We are working closely with the partner to support their investigation and resolution. Impacted users will be notified by GFN.am,” the company said.

Why More Analysts Won’t Solve Your SOC’s Alert Problem

Fri, 08 May 2026 14:02:12 +0000

Originally published by BleepingComputer

By Rich Perkins, Principal Sales Engineer, Prophet Security

Your security spend has roughlydoubled in six years. Your time-to-investigate and respond hasn’t moved. Your CFO is asking why the security headcount keeps growing while the metrics that matter to the business don’t.

The architecture under your SOC is the reason. Not your team. Not your tooling investment. Not your hiring funnel. The operating model your program inherited assumed human-drivenalert triageat the volume the business was producing five years ago, and the business stopped producing alerts at that volume a long time ago.

Trellix source code breach claimed by RansomHouse hackers

Fri, 08 May 2026 13:23:23 +0000

Originally published by BleepingComputer

The attack on the Trellix source code repository disclosed last week has been claimed by the RansomHouse threat group, which leaked a small set of images as proof of the intrusion.

Yesterday, the threat actor published on their data leak site screenshots indicating access to the cybersecurity company’s appliance management system. However, BleepingComputer could not confirm the authenticity of the data.

Trellix is an international cybersecurity firm with global Fortune 100 customers. In 2025, the company had more than 53,000 customers in 185 countries and 3,500 employees.

CISA gives feds four days to patch Ivanti flaw exploited as zero-day

Fri, 08 May 2026 12:16:32 +0000

Originally published by BleepingComputer

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given U.S. federal agencies four days to secure their networks against a high-severity vulnerability in Ivanti Endpoint Manager Mobile (EPMM) that has been exploited in zero-day attacks.

Tracked as CVE-2026-6973, this security flaw allows attackers with administrative privileges to execute arbitrary code remotely on systems running EPMM 12.8.0.0 and earlier.

In aThursday security advisory, Ivanti told customers they can secure their appliances by installing Ivanti EPMM 12.6.1.1, 12.7.0.1, and 12.8.0.1, and advised them to review accounts with Admin rights and rotate those credentials where necessary.