New CVEs in Ollama & DAEMON Tools; Webhooks Lack Signature Checks
Today’s Highlights
This week’s security highlights include a critical unauthenticated memory leak in the Ollama LLM framework and an ongoing supply chain attack targeting DAEMON Tools software. Additionally, a large-scale scan exposed that over a quarter of web applications fail to validate Stripe webhook signatures, leaving them vulnerable to payment bypasses and fraud.
Popular DAEMON Tools software infected – supply chain attack ongoing since April 8, 2026
This report details a significant supply chain attack targeting the widely used DAEMON Tools software, a popular utility for mounting disc images and managing virtual drives. The attackers managed to compromise the software’s distribution channel, injecting malicious code into legitimate updates. This allows them to distribute tampered versions of the software to unsuspecting users.
Supply chain attacks pose a critical risk as they exploit the trust users place in software vendors. By compromising a popular application like DAEMON Tools, which often requires elevated system privileges, attackers gain access to a broad user base. This foothold can potentially lead to the installation of backdoors, comprehensive data exfiltration, or further system compromises on affected machines, bypassing traditional perimeter defenses.
Organizations and individual users are urged to verify the authenticity and integrity of all software downloads and updates, especially for applications like DAEMON Tools that interact deeply with the operating system. Implementing software whitelisting and regularly auditing software provenance can help mitigate such risks.
Comment: Another day, another supply chain attack on a widely used tool. It’s a stark reminder that even trusted software can be weaponized. Companies need to look beyond their own perimeter and secure their entire software delivery pipeline.
Bleeding Llama: Critical Unauthenticated Memory Leak in Ollama (CVE-2026-7482)
A critical vulnerability, dubbed “Bleeding Llama” (CVE-2026-7482), has been discovered in Ollama, a popular open-source framework for running large language models (LLMs) locally on a personal machine or server. This unauthenticated memory leak allows remote attackers to potentially extract sensitive information from the Ollama server’s memory without requiring any form of authentication or prior access.
An unauthenticated memory leak is extremely dangerous, as it can expose a wide array of confidential data. This could include API keys, user-specific data, sensitive prompts, model weights, or other confidential operational details stored in memory during an LLM’s operation. Such information could be used for further exploitation, intellectual property theft, or privacy breaches.
Defenders need to prioritize securing LLM endpoints, implementing strict access controls, and continuously monitoring for memory corruption and information disclosure vulnerabilities. Users of Ollama are advised to apply patches immediately as they become available and to review network exposure of their Ollama instances to mitigate this severe risk.
Comment: An unauthenticated memory leak in an LLM serving tool is a nightmare scenario. It shows how critical it is to apply traditional security rigor to AI infrastructure, especially when it handles sensitive data or models. Patch immediately.
We probed 6,000 web apps for Stripe webhook signature checks. 1,542 don’t bother.
A recent scanning project revealed a concerning trend: a significant number of web applications—specifically 1,542 out of 6,000 probed—are failing to validate Stripe webhook signatures. This widespread omission creates a critical vulnerability where attackers can forge checkout.session.completed events or other webhook notifications, essentially tricking an application into believing a legitimate event occurred when it did not.
Stripe webhooks are designed to inform applications about various events in a user’s Stripe account (e.g., successful payments, subscription updates), and signature verification is the primary mechanism to ensure these notifications genuinely originate from Stripe and have not been tampered with in transit. Missing webhook signature validation is a common and often overlooked gap in application security, frequently stemming from developer unfamiliarity with security best practices or pressure to implement features rapidly.