Researchers from Striga have identified two vulnerabilities in Ollama’s Windows auto-updater, designated as CVE-2026-42248 and CVE-2026-42249. When exploited together, these flaws could enable an attacker to install a persistent executable that would run every time a user logs in. Ollama is an open-source tool used for running large language models locally, appealing to users concerned about data privacy and cost. This discovery raises significant security concerns, as it could allow unauthorized access to user systems, potentially compromising sensitive data. Users of Ollama should be particularly vigilant and consider the implications of these vulnerabilities on their security posture.
Latest Cybersecurity Threats
Real-time threat intelligence from trusted sources
SCM feed for Latest
Progress Software has issued a warning about a serious vulnerability in MOVEit Automation, identified as CVE-2026-4670. This flaw impacts several versions of the software, which is widely used for automating file transfers and workflows. Organizations using affected versions should be concerned, as this vulnerability could potentially be exploited by attackers to gain unauthorized access or disrupt operations. It is crucial for companies to assess their systems and apply necessary updates to protect sensitive data. The company has urged users to monitor their systems closely and take immediate action to mitigate any risks associated with this vulnerability.
SCM feed for Latest
Hackers have been exploiting a significant vulnerability in Weaver E-cology, a platform used by various organizations in China for managing workflows and documents. According to threat intelligence firm Vega, these attacks have been targeting institutions that rely on this software for their internal business processes. The situation raises concerns for affected organizations, as successful exploitation could lead to unauthorized access to sensitive information and disruption of critical operations. As this vulnerability is actively being used by attackers, it is crucial for users of Weaver E-cology to take immediate action to protect their systems. Organizations should remain vigilant and consider reviewing their security protocols to mitigate potential risks.
The Federal Trade Commission (FTC) has decided to ban Kochava, a data broker, along with its subsidiary Collective Data Solutions, from selling location data of American consumers without their explicit consent. This decision follows allegations that Kochava was selling precise geolocation data collected from millions of mobile devices, raising significant privacy concerns. The FTC's action aims to protect consumer privacy by ensuring that individuals have control over their personal location information. This is particularly important as location data can reveal sensitive details about individuals' habits and routines. The ruling could set a precedent for how data brokers handle consumer data in the future, emphasizing the need for transparency and consent in data practices.
SCM feed for Latest
Research conducted by Noah M. Kenney, founder of Digital 520, has raised concerns about the privacy risks associated with public voter data. The study focused on data from Travis County, Texas, and Robeson County, North Carolina, revealing that sensitive information about voters could be exposed. This issue potentially affects millions of individuals whose voting records are publicly accessible, making them vulnerable to identity theft and other privacy breaches. The findings emphasize the need for better protection of voter information, especially as elections approach and data misuse becomes more prevalent. Ensuring that this data is adequately secured is crucial for maintaining public trust in the electoral process.
BleepingComputer
A recent report from HeroDevs points out a significant oversight in software composition analysis (SCA) tools regarding end-of-life (EOL) software. Many organizations rely on these tools to identify vulnerabilities in open source software, but they often overlook critical vulnerabilities in EOL software that no longer receives updates or support. This gap can leave systems exposed to attacks, as vulnerabilities in unsupported software may not be included in common CVE feeds. HeroDevs offers a free scan service to help organizations identify EOL software in their projects, which is crucial for maintaining security. Companies that continue to use outdated software without awareness of these vulnerabilities could face serious security risks.
SCM feed for Latest
According to recent findings from Orange Cyberdefense, internal threats to companies have risen dramatically, now accounting for 57% of all security risks. This marks the first time that threats originating from within organizations have surpassed those coming from external sources. The report suggests that employees, whether intentionally or unintentionally, pose a significant risk to data security, making it crucial for companies to reassess their security protocols and training programs. With more sensitive information being handled internally, organizations need to focus on monitoring user behavior and implementing stricter access controls. This shift in the nature of threats emphasizes the need for a comprehensive approach to cybersecurity that includes both internal and external factors.
SecurityWeek
Joey Melo, an AI red team specialist, shared insights into his techniques for breaching AI systems, specifically focusing on methods like jailbreaking and data poisoning. These tactics allow him to manipulate the guardrails that developers put in place to protect machine learning models. By exposing vulnerabilities in AI, Melo aims to help developers fortify their systems against potential attacks. His work is critical as AI becomes more integrated into various sectors, and understanding these risks is essential for creating more secure AI applications. The conversation emphasizes the need for vigilance in AI development to prevent malicious exploitation.
BleepingComputer
In April, the Vimeo platform was hacked by the ShinyHunters extortion gang, leading to the theft of personal information from more than 119,000 users. The breach was confirmed by data breach notification service Have I Been Pwned, which monitors and reports on such incidents. Those affected may have had their names, email addresses, and other personal details compromised. This incident raises concerns about the security measures in place at Vimeo and the potential for further exploitation of the stolen data. Users are advised to monitor their accounts for any suspicious activity and consider changing their passwords to enhance security.
The Cybersecurity and Infrastructure Security Agency (CISA) has launched a new initiative aimed at strengthening the security of America's critical infrastructure. This program is designed to enhance collaboration between government and private sector entities responsible for vital services, such as energy, water, and transportation. By providing resources and guidance, CISA hopes to better prepare these sectors against potential cyber threats. The initiative comes amid rising concerns about cyberattacks targeting essential services, which can have widespread consequences for public safety and national security. This proactive approach is crucial as it seeks to mitigate risks and protect the infrastructure that millions of Americans rely on daily.
A serious vulnerability, identified as CVE-2026-0073, has been discovered in the Android System component. This flaw allows attackers to execute remote code without any user interaction, posing a significant risk to devices running affected versions of Android. Users of Android devices should be particularly cautious, as this vulnerability could lead to unauthorized access and control over their devices. The potential for exploitation is high, making it crucial for users to apply the latest security updates. Android's security team has addressed this issue by releasing a patch to fix the vulnerability, and all users are encouraged to update their devices promptly to mitigate any risks.
The Hacker News
Researchers from VulnCheck have identified a serious vulnerability in MetInfo, an open-source content management system. The flaw, designated as CVE-2026-29014, has a high severity score of 9.8 and allows for remote code execution through code injection. This issue affects MetInfo versions 7.9, 8.0, and 8.1, leaving users at risk of attackers executing arbitrary code on their servers without authentication. The vulnerability is currently being exploited in the wild, making it imperative for users of these versions to take immediate action. Failure to address this vulnerability could lead to unauthorized access and potential data breaches.
Help Net Security
Oracle has announced a significant change to its security update process, set to take effect in May 2026. The company will introduce a monthly Critical Security Patch Update (CSPU) that aims to deliver smaller, more targeted fixes for security vulnerabilities. This new approach will complement the existing quarterly Critical Patch Updates (CPUs), which will continue to include all fixes from previous CSPUs. The shift to monthly updates is designed to make it easier for organizations to apply critical security fixes promptly. This change is particularly relevant for companies managing their own deployments, as it emphasizes the need for timely updates in an ever-evolving cybersecurity landscape.
Recent updates to Apache MINA and the Apache HTTP Server have addressed several high-severity vulnerabilities, with the most critical flaw allowing remote attackers to execute arbitrary code. This vulnerability poses a significant risk to users of these software platforms, as it could lead to unauthorized access and control over affected systems. Organizations that rely on Apache MINA and the HTTP Server need to prioritize applying these patches to safeguard their infrastructure. The updates are essential not only for protecting sensitive data but also for ensuring the overall integrity of services running on these platforms. Users should stay vigilant and ensure their installations are up to date to mitigate potential risks.
Deniss Zolotarjovs has been sentenced to prison for his role in the Karakurt ransomware group, where he participated in extortion tactics and negotiations with victim companies. Zolotarjovs was directly involved in discussions with organizations that had their data held hostage by the ransomware. This case highlights the ongoing issues of ransomware attacks, where negotiators play a crucial role in facilitating payments. His sentencing serves as a warning to others involved in similar criminal activities and emphasizes law enforcement's commitment to tackling cybercrime. The actions of individuals like Zolotarjovs have real consequences for businesses and their ability to protect sensitive information.