Google's Threat Intelligence Group just published a snapshot of state-sponsored and criminal actors using LLMs across the full attack lifecycle. The most striking case is PROMPTSPY — an Android backdoor that queries Gemini at runtime to autonomously navigate your phone's UI, intercept biometric gestures, and block its own uninstall. This case study walks through how that works, plus the AI-developed zero-day 2FA bypass, agentic recon frameworks, and LLM-obfuscated malware that round out the report.
CVE-2026-7482 is a critical (CVSS 9.1) unauthenticated heap out-of-bounds read in Ollama's GGUF parser. An attacker uploads a crafted model, calls /api/create, and walks away with your process memory — API keys, system prompts, user conversations, the lot. Around 300,000 internet-exposed Ollama servers are vulnerable. Here's exactly how the bug works, how to check if you're affected, and what to do about it.
A practical guide to running Qwen3-Coder-32B on 8× Tesla V100 GPUs using vLLM — navigating compute capability 7.0 limitations, pinning the right NVIDIA driver and CUDA versions, and compiling vLLM from source when pip won't cut it.
CVE-2026-7482 is a critical (CVSS 9.1) unauthenticated heap out-of-bounds read in Ollama's GGUF parser. An attacker uploads a crafted model, calls /api/create, and walks away with your process memory — API keys, system prompts, user conversations, the lot. Around 300,000 internet-exposed Ollama servers are vulnerable. Here's exactly how the bug works, how to check if you're affected, and what to do about it.
Google's Threat Intelligence Group just published a snapshot of state-sponsored and criminal actors using LLMs across the full attack lifecycle. The most striking case is PROMPTSPY — an Android backdoor that queries Gemini at runtime to autonomously navigate your phone's UI, intercept biometric gestures, and block its own uninstall. This case study walks through how that works, plus the AI-developed zero-day 2FA bypass, agentic recon frameworks, and LLM-obfuscated malware that round out the report.
A practical guide to running Qwen3-Coder-32B on 8× Tesla V100 GPUs using vLLM — navigating compute capability 7.0 limitations, pinning the right NVIDIA driver and CUDA versions, and compiling vLLM from source when pip won't cut it.