all InfoSec news
AI framework vulnerability is being used to compromise enterprise servers (CVE-2023-48022)
Help Net Security www.helpnetsecurity.com
Attackers are leveraging a vulnerability (CVE-2023-48022) in Anyscale’s Ray AI software to compromise enterprise servers and saddle them with cryptominers and reverse shells. “To our knowledge, the attack started 7 months ago,” Avi Lumelsky, a researcher at Oligo Security, told Help Net Security. “We observed hundreds of compromised clusters in the past three weeks alone. Each cluster uses a public IP address, and most clusters contain hundreds to thousands of servers. There are hundreds of … More →
The post …
ai software anyscale attack attackers authentication bishop fox clusters compromise compromised cryptominers cve don't miss enterprise framework help net security hot stuff knowledge machine learning oligo oligo security ray researcher reverse security servers shells software vulnerability