.jpg)
There has been a hacking attack on a widely used open-source AI framework called Ray, which hackers have exploited to gain unauthorized access to servers and hijack their resources, as a result of an unpatched vulnerability. It has been documented that the hacking campaign dubbed ShadowRay has been active since September 5, 2023, and is affecting sectors such as education, crypto-currency, and biotechnology.
This is one of the most free and open-source solutions for AI and Python applications that have been developed by Anyscale which helps them scale across a cluster of computers for distributed computing tasks using Ray.
With over 30,500 stars on GitHub, it has been used by organizations like Amazon, Spotify, LinkedIn, Instacart, Netflix, Uber, and OpenAI to train ChatGPT globally.
According to security researchers, threat actors actively exploit an unpatched vulnerability in an open-source artificial intelligence (AI) platform named Anyscale Ray to steal computing power and mine illicit cryptocurrencies. Threat actors have reportedly exploited this vulnerability for quite some time.
The report of application security firm Oligo says that these attacks have been occurring since at least September 5, 2023, and have targeted industries such as education, cryptocurrency, biotechnology, and others. According to Anyscale, Ray is
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: