March 27, 2024, 11:02 a.m. | Zeljka Zorz

Help Net Security www.helpnetsecurity.com

Attackers are leveraging a vulnerability (CVE-2023-48022) in Anyscale’s Ray AI software to compromise enterprise servers and saddle them with cryptominers and reverse shells. “To our knowledge, the attack started 7 months ago,” Avi Lumelsky, a researcher at Oligo Security, told Help Net Security. “We observed hundreds of compromised clusters in the past three weeks alone. Each cluster uses a public IP address, and most clusters contain hundreds to thousands of servers. There are hundreds of … More →


The post …

ai software anyscale attack attackers authentication bishop fox clusters compromise compromised cryptominers cve don't miss enterprise framework help net security hot stuff knowledge machine learning oligo oligo security ray researcher reverse security servers shells software vulnerability

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

Information Security Engineers

@ D. E. Shaw Research | New York City

Security Engineer, Incident Response

@ Databricks | Remote - Netherlands

Associate Vulnerability Engineer - Mid-Atlantic region (Part-Time)

@ GuidePoint Security LLC | Remote in VA, MD, PA, NC, DE, NJ, or DC

Data Security Architect

@ Accenture Federal Services | Washington, DC

Identity Security Administrator

@ SailPoint | Pune, India