Hackers have launched unprecedented cyberattacks on companies' AI workloads, exploiting a vulnerability in the Ray, an open-source AI framework. These attacks have resulted in the installation of cryptominers on exposed servers and the leakage of sensitive tokens from major companies like OpenAI, Stripe, and Slack. The vulnerability, dubbed 'ShadowRay', has impacted thousands of companies and servers running AI infrastructure. Security researchers from OligoSecurity and The Hacker News have highlighted the critical nature of this unpatched vulnerability, emphasizing its widespread effect on the technology and cybersecurity landscapes.
'ShadowRay' vulnerability on Ray framework exposes thousands of AI workloads, compute power and data https://t.co/UWazJUznPq https://t.co/z7WTGDHDlt
Critical Unpatched Ray AI Platform Vulnerability Exploited for Cryptocurrency Mining https://t.co/HJx0sxdPdc
Critical Unpatched Ray AI Platform Vulnerability Exploited for Cryptocurrency Mining: https://t.co/JjievGeRg9 by The Hacker News #infosec #cybersecurity #technology #news
An active attack targeting a vulnerability in Ray, a widely used open-source AI framework, has impacted thousands of companies and servers running AI infrastructure, according to @OligoSecurity. #cybersecurity #infosec #ITsecurity https://t.co/ajfTLo0vv0
NEW - Hackers have launched what researchers say are unprecedented cyberattacks on companies' AI workloads, targeting the Ray framework. Most are installing cryptominers on the accidentally exposed servers. Some OpenAI/Stripe/Slack tokens leaked. https://t.co/a8vQJ4NqtG