all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

LLMjacking: Stolen Cloud Credentials Used in New AI Attack

Add to bookmarks
April 25, 2024, 2:05 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

The Sysdig Threat Research Team (TRT) recently observed a new attack that leveraged stolen cloud credentials in order to target 10 cloud-hosted large language model (LLM) services, known as LLMjacking. The credentials were obtained from a system running a vulnerable version of Laravel (CVE-2021-3129), which is a popular target. Attacks against LLM-based Artificial Intelligence (AI) systems have been discussed often, but mostly around prompt abuse and altering training data. Attackers have other ideas about abusing these systems, including …

ai attack attack attacks cloud credentials cve language laravel large large language model llm order popular research running services stolen sysdig sysdig threat research team system target team threat threat research version vulnerable

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Sintesi riepilogativa delle campagne malevole nella settimana del 27 Aprile – 3 Maggio 2024 2 hours ago | malware.news
cert con cui dei +2
Malware Simulators cannot test Antivirus Software 13 hours ago | malware.news
malware analysis topic
Ready2Run - Is dnSpy dead? 13 hours ago | malware.news
malware analysis topic
Security above all else—expanding Microsoft’s Secure Future Initiative 16 hours ago | malware.news
cyberattacks cybersecurity future high +11
FBI warns of email spoofing by North Korean threat actor Kimsuky 19 hours ago | malware.news
actor article dmarc domains +16
You get a passkey, you get a passkey, everyone should get a passkey 23 hours ago | malware.news
accounts can consumer cracked +10
Attackers evade detection by leveraging Microsoft Graph API 23 hours ago | malware.news
api article attackers cloud +15
Weird Al, Docker, OT, Gitlab, Credit Monitoring, Dropbox, Cisco, AI, Aaran Leyland... - SWN #383 1 day ago | malware.news
article cisco credit credit monitoring +8
Code faster with generative AI, but beware the risks when you do 1 day ago | malware.news
article can code coding +13

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

IT Security Manager

@ Timocom GmbH | Erkrath, Germany
View on infosec-jobs.com

Cybersecurity Service Engineer

@ Motorola Solutions | Singapore, Singapore
View on infosec-jobs.com

Sr Cybersecurity Vulnerability Specialist

@ Health Care Service Corporation | Chicago Illinois HQ (300 E. Randolph Street)
View on infosec-jobs.com

Associate, Info Security (SOC) analyst

@ Evolent | Pune
View on infosec-jobs.com

Public Cloud Development Security and Operations (DevSecOps) Manager

@ Danske Bank | Copenhagen K, Denmark
View on infosec-jobs.com

Cybersecurity Risk Analyst IV

@ Computer Task Group, Inc | United States
View on infosec-jobs.com
View more jobs