
BagheeraAltered's CyberSecurity Newsletter

May 11, 2026

When AI tools can imitate classic developer tools, even pros can be fooled

When AI tools can mimic the tools devs use every day, even seasoned professionals can be caught out. We saw exactly that last week when a highly credible, fake repository impersonating OpenAI’s Privacy Filter skyrocketed to the top of Hugging Face’s trending list, tricking developers into over 240,000 bot-inflated downloads in just 18 hours. 

Meanwhile, long-dormant legacy code continues to haunt our foundational infrastructure, as security researcher Hyunwoo Kim recently disclosed Dirty Frag, a nine-year-old zero-day vulnerability in the Linux kernel that chains two separate flaws to grant attackers root privileges. 

Beyond these deep technical exploits, it was a chaotic week across the wider cybersecurity landscape: a 23-year-old student managed to trigger emergency brakes on high-speed trains in Taiwan using a software-defined radio, and new research revealed that Microsoft Edge is the only major Chromium browser intentionally loading users' entire password vaults into plaintext memory at startup. Let's dive into the details.


A fake repository impersonating OpenAI’s Privacy Filter tool climbed to the top of Hugging Face’s trending list last week, pulling in over 240,000 downloads before administrators pulled it down. OpenAI’s actual Privacy Filter is a legitimate, locally-run PII redaction tool. Attackers cloned its documentation almost word-for-word, creating a mirror repository that looked credible enough to fool experienced developers at first glance. Within 18 hours, it had racked up 244,000 downloads and 667 likes – numbers researchers believe were artificially inflated through API-driven bots to manufacture the appearance of a popular, trusted project.
https://thecybersecguru.com/news/fake-openai-privacy-filter-hugging-face/

Security researcher Hyunwoo Kim, who disclosed Dirty Frag earlier today and published a proof-of-concept (PoC) exploit, says this local privilege escalation was introduced roughly nine years ago in the Linux kernel's algif_aead cryptographic algorithm interface. Dirty Frag works by chaining two separate kernel flaws, the xfrm-ESP Page-Cache Write vulnerability and the RxRPC Page-Cache Write vulnerability, to modify protected system files in memory without authorization and achieve privilege escalation.
https://www.bleepingcomputer.com/news/security/new-linux-dirty-frag-zero-day-with-poc-exploit-gives-root-privileges/

Canvas's learning-management platform was hit by a cyberattack that caused widespread outages across colleges and thousands of schools during a critical exam period. The outage disrupted finals and other coursework before administrators reported that access had been restored. Institutions are assessing impacts on exams and student submissions as investigations continue.
https://www.digitaltrends.com/computing/canvas-hack-hit-students-at-the-worst-time-and-its-a-wake-up-call-for-schools-everywhere/

Multiple outlets report that Chrome downloaded an approximately 4GB on-device AI model to users' machines without clear consent, sparking confusion and privacy concerns. Follow-up stories clarify the model itself isn’t new but criticize the lack of transparent communication and controls around automatic AI component downloads.
https://www.fastcompany.com/91539366/heres-how-i-finally-got-googles-uninvited-4gb-ai-model-off-my-mac


A security researcher systematically tested how every major Chromium-based browser handles credentials in memory. The researcher found that Edge was the only one loading the entire password vault into plaintext process memory at startup, where it remains for the duration of the session.
https://x.com/L1v1ng0ffTh3L4N/status/2051308329880719730

Microsoft says Edge’s plaintext password behavior is “by design” (Malwarebytes): a researcher found Edge loads saved passwords into computer memory when it starts, making them easier to steal if a device is already compromised.

A 23-year-old Taiwanese student "hacked" the country's high-speed rail line using an SDR (Software-Defined Radio) filter and radios, remotely broadcasting a General Alarm signal and triggering a manual emergency braking procedure.
https://www.tomshardware.com/tech-industry/cyber-security/college-student-hacks-taiwan-high-speed-rail-line-stopping-four-trains-19-years-without-crypto-key-rotation-ends-in-predictable-result

The website for the popular JDownloader download manager was compromised earlier this week to distribute malicious Windows and Linux installers, with the Windows payload found deploying a Python-based remote access trojan. The supply chain attack affects those who downloaded installers from the official website between May 6 and May 7, 2026 via the Windows "Download Alternative Installer" links or the Linux shell installer.
https://www.bleepingcomputer.com/news/security/jdownloader-site-hacked-to-replace-installers-with-python-rat-malware/

Poland’s intelligence service said it detected attacks on five water treatment plants where hackers could have taken control of the industrial equipment inside, including, in the worst case, tampering with the safety of the water supply.
https://techcrunch.com/2026/05/08/poland-says-hackers-breached-water-treatment-plants-and-the-u-s-is-facing-the-same-threat/

The IMF has warned that AI is rapidly reshaping cyber risks in the global financial system, with increasingly advanced AI tools capable of amplifying cyberattacks faster than institutions can defend against them. The IMF noted that the modern financial system depends heavily on interconnected digital infrastructure, including cloud services, software platforms, payment networks and shared data systems.
https://www.ibtimes.sg/imf-warns-ai-powered-cyberattacks-could-trigger-chaos-across-global-banking-systems-86219
https://www.imf.org/en/blogs/articles/2026/05/07/financial-stability-risks-mount-as-artificial-intelligence-fuels-cyberattacks

Two U.S. nationals were sentenced to 18 months in prison each for operating so-called laptop farms that helped North Korean IT workers fraudulently obtain remote employment at nearly 70 American companies. Matthew Isaac Knoot and Erick Ntekereze Prince are the seventh and eighth U.S.-based "laptop farmers" sent to prison since the start of the year as part of a federal initiative targeting North Korea's illicit revenue generation schemes.
https://www.bleepingcomputer.com/news/security/americans-sentenced-for-running-laptop-farms-for-north-korea/

Last week, two critical Linux kernel vulnerabilities were disclosed, prompting significant concern within the community. In response, developers are now reviewing a proposal for an emergency “killswitch” mechanism to reduce exposure following public disclosure of serious vulnerabilities.
https://linuxiac.com/linux-kernel-killswitch-proposed-after-recent-vulnerability-disclosures/

Privacy advocates, browser makers, VPN providers, and digital rights groups have signed a joint statement urging UK policymakers to abandon plans for broader online age verification requirements, warning that the measures could undermine privacy, weaken internet openness, and expose users to increased surveillance risks.
https://cyberinsider.com/mozilla-mullvad-proton-sign-letter-opposing-uk-age-verification/

On-chain data shows a bitcoin address that had been inactive since around 2013 moved roughly $40–41 million worth of BTC after a 12-year dormancy. Blockchain analytics flagged the large transfer as notable due to the address’s long period of inactivity and the substantial single transfer occurring amid broader crypto market activity.
https://www.theblock.co/post/400659/bitcoin-whale-moves-41-million

Apple leaks indicate specific feature changes forthcoming in macOS 27 ahead of WWDC, reporting Liquid Glass interface tweaks and potential automatic tab groups in Safari for iOS 27 and macOS. Reports draw on leaked details about multiple UI and feature adjustments expected in the next OS update.
https://www.macrumors.com/2026/05/10/two-macos-27-changes-rumored/
