CyberSecurityBoard
Sponsor Register Login

1100 Ollama AI Servers Exposed Due to Misconfiguration

A recent cybersecurity incident has exposed over 1100 Ollama AI servers due to a critical misconfiguration. This exposure potentially allowed unauthorized access to sensitive AI data and models hosted on these servers. Ollama, a company specializing in AI technology, faced significant risks as attackers could exploit this vulnerability to steal proprietary information or disrupt services. The incident highlights the importance of secure cloud configurations and continuous monitoring to prevent such exposures. Organizations leveraging AI infrastructure must implement stringent security controls and conduct regular audits to safeguard their assets. This event serves as a cautionary tale for the AI industry, emphasizing the need for robust cybersecurity practices in managing AI deployments.

This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 04 Sep 2025 05:00:13 +0000


Cyber News related to 1100 Ollama AI Servers Exposed Due to Misconfiguration

Probllama: Ollama Remote Code Execution Vulnerability - Ollama is one of the most popular open-source projects for running AI Models, with over 70k stars on GitHub and hundreds of thousands of monthly pulls on Docker Hub. Inspired by Docker, Ollama aims to simplify the process of packaging and deploying ...
1 year ago Packetstormsecurity.com
1100 Ollama AI Servers Exposed Due to Misconfiguration - A recent cybersecurity incident has exposed over 1100 Ollama AI servers due to a critical misconfiguration. This exposure potentially allowed unauthorized access to sensitive AI data and models hosted on these servers. Ollama, a company specializing ...
5 months ago Cybersecuritynews.com
CVE-2022-29516 - The web console of FUJITSU Network IPCOM series (IPCOM EX2 IN(3200, 3500), IPCOM EX2 LB(1100, 3200, 3500), IPCOM EX2 SC(1100, 3200, 3500), IPCOM EX2 NW(1100, 3200, 3500), IPCOM EX2 DC, IPCOM EX2 DC, IPCOM EX IN(2300, 2500, 2700), IPCOM EX LB(1100, ...
3 years ago
Attacker Targets Hadoop YARN, Flint Servers in Stealthy Campaign - A threat actor is targeting a common misconfiguration in Hadoop YARN and Apache Flink to try and drop Monero cyrptominers in environments running the two big data technologies. What makes the campaign especially notable is the adversary's use of ...
2 years ago Darkreading.com
900+ websites Exposing 10M+ Passwords: Most in Plaintext - Over 900 websites inadvertently expose over 10 million passwords, many of which are in plaintext, alongside sensitive billing information and personally identifiable information of approximately 125 million users. This massive data exposure is ...
1 year ago Gbhackers.com
New HeadCrab Malware Hijacks 1,200 Redis Servers - Since September 2021, over a thousand vulnerable Redis servers online have been infected by a stealthy malware dubbed "HeadCrab", designed to build a botnet that mines Monero cryptocurrency. At least 1,200 servers have been infected by the HeadCrab ...
3 years ago Heimdalsecurity.com
CVE-2025-0312 - A vulnerability in ollama/ollama versions <=0.3.14 allows a malicious user to create a customized GGUF model file that, when uploaded and created on the Ollama server, can cause a crash due to an unchecked null pointer dereference. This can lead ...
10 months ago
Over 1,200 SAP NetWeaver servers vulnerable to actively exploited flaw - Researchers reported that the threat actors are utilizing webshells with names like, "cache.jsp" and "helper.jsp." Howver, Nextron Research says they are also using random names, making it more difficult to find vulnerable Netweaver ...
9 months ago Bleepingcomputer.com CVE-2025-31324
CVE-2025-0315 - A vulnerability in ollama/ollama <=0.3.14 allows a malicious user to create a customized GGUF model file, upload it to the Ollama server, and create it. This can cause the server to allocate unlimited memory, leading to a Denial of Service (DoS) ...
10 months ago
CVE-2025-0317 - A vulnerability in ollama/ollama versions <=0.3.14 allows a malicious user to upload and create a customized GGUF model file on the Ollama server. This can lead to a division by zero error in the ggufPadding function, causing the server to crash ...
10 months ago
HeadCrab Malware Infects 1,200 Redis Servers to Mine Monero Cryptocurrency - A new stealthy malware, HeadCrab, designed to hunt down vulnerable Redis servers online has infected over a thousand of them since September 2021. Discovered by Aqua Security researchers Nitzan Yaakov and Asaf Eitani, the malware has so far ensnared ...
3 years ago Bleepingcomputer.com
Android game dev's Google Drive misconfig highlights cloud security risks - Japanese game developer Ateam has proven that a simple Google Drive configuration mistake can result in the potential but unlikely exposure of sensitive information for nearly one million people over a period of six years and eight months. The ...
2 years ago Bleepingcomputer.com
Thousands of Outdated Microsoft Exchange Servers are Susceptible to Cyber Attacks - A large number of Microsoft Exchange email servers in Europe, the United States, and Asia are currently vulnerable to remote code execution flaws due to their public internet exposure. These servers are running out-of-date software that is no longer ...
2 years ago Cysecurity.news CVE-2021-27065
Hugging Face API tokens exposed, major projects vulnerable The Register - The API tokens of tech giants Meta, Microsoft, Google, VMware, and more have been found exposed on Hugging Face, opening them up to potential supply chain attacks. Researchers at Lasso Security found more than 1,500 exposed API tokens on the open ...
2 years ago Go.theregister.com
3,000 Apache ActiveMQ servers vulnerable to RCE attacks exposed online - Over three thousand internet-exposed Apache ActiveMQ servers are vulnerable to a recently disclosed critical remote code execution vulnerability. Apache ActiveMQ is a scalable open-source message broker that fosters communication between clients and ...
2 years ago Bleepingcomputer.com CVE-2023-46604 CVE-2023-4660
Cloudflare says 1.1.1.1 outage not caused by attack or BGP hijack - To quash speculation of a cyberattack or BGP hijack incident causing the recent 1.1.1.1 Resolver service outage, Cloudflare explains in a post mortem that the incident was caused by an internal misconfiguration. Cloudflare also points out that the ...
6 months ago Bleepingcomputer.com
Hackers Compromised Over 1,200 Redis Database Servers - A new type of malware, designed to target vulnerable Redis servers on the internet, has been spreading rapidly since September 2021. This is a quick-spreading malware, designed to operate stealthily, that has already infiltrated over thousand ...
3 years ago Cybersecuritynews.com
Over 11M SSH Servers are Vulnerable to new Terrapin Attack - Previously, in December 2023, it was reported that SSH servers were vulnerable to the new Terrapin Attack in which threat actors can downgrade an SSH protocol version, making it vulnerable to exploitation. This attack can also be used to redirect ...
2 years ago Cybersecuritynews.com
Configuring Email Security With DMARC, SPF, And DKIM - DMARC, or Domain-based Message Authentication, Reporting, and Conformance, ties SPF and DKIM results together and allows domain owners to specify how receiving mail servers should handle unauthenticated messages. SPF, or Sender Policy Framework, is a ...
9 months ago Cybersecuritynews.com
Over 20,000 vulnerable Microsoft Exchange servers exposed to attacks - Tens of thousands of Microsoft Exchange email servers in Europe, the U.S., and Asia exposed on the public internet are vulnerable to remote code execution flaws. The mail systems run a software version that is currently unsupported and no longer ...
2 years ago Bleepingcomputer.com CVE-2021-26855 CVE-2021-27065
Millions of user records exposed by 900+ sites via Firebase The Register - At least 900 websites built with Google's Firebase, a cloud database, have been misconfigured, leaving credentials, personal info, and other sensitive data inadvertently exposed to the public internet, according to security researchers. Among these ...
1 year ago Go.theregister.com
CVE-2013-1601 - An Information Disclosure vulnerability exists due to a failure to restrict access on the lums.cgi script when processing a live video stream in D-LINK An Information Disclosure vulnerability exists due to a failure to restrict access on the lums.cgi ...
4 years ago
JetBrains warns of new TeamCity auth bypass vulnerability - JetBrains urged customers today to patch their TeamCity On-Premises servers against a critical authentication bypass vulnerability that can let attackers take over vulnerable instances with admin privileges. Tracked as CVE-2024-23917, this critical ...
2 years ago Bleepingcomputer.com CVE-2024-23917 CVE-2023-42793 Andariel APT29
CVE-2013-1603 - An Authentication vulnerability exists in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-5230L 1.02, DCS-5230 1.02, DCS-3430 1.02, DCS-3411 ...
4 years ago
Exposed Hugging Face API tokens jeopardized GenAI models - Lasso Security researchers discovered 1,681 Hugging Face API tokens exposed in code repositories, which left vendors such as Google, Meta, Microsoft and VMware open to potential supply chain attacks. In a blog post published Monday, Lasso Security ...
2 years ago Techtarget.com

Latest Cyber News


    Cyber Trends (last 7 days)


    Trending Cyber News (last 7 days)