Security News > 2024 > March > Critical Unpatched Ray AI Platform Vulnerability Exploited for Cryptocurrency Mining

2024-03-27 10:39
Cybersecurity researchers are warning that threat actors are actively exploiting a "disputed" and unpatched vulnerability in an open-source artificial intelligence (AI) platform called Anyscale Ray to hijack computing power for illicit cryptocurrency mining. "This vulnerability allows attackers to take over the companies' computing power and leak sensitive data," Oligo Security researchers Avi
News URL
https://thehackernews.com/2024/03/critical-unpatched-ray-ai-platform.html
Related news
- AI Vulnerability Finding (source)
- Gladinet’s Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability (source)
- Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence (source)
- Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution (source)
- Critical Commvault RCE vulnerability fixed, PoC available (CVE-2025-34028) (source)
- ⚡ Weekly Recap: Critical SAP Exploit, AI-Powered Phishing, Major Breaches, New CVEs & More (source)
- Critical Langflow RCE flaw exploited to hack AI app servers (source)
- Critical Windows Server 2025 dMSA Vulnerability Enables Active Directory Compromise (source)
- GitLab Duo Vulnerability Enabled Attackers to Hijack AI Responses with Hidden Prompts (source)
- ⚡ Weekly Recap: APT Campaigns, Browser Hijacks, AI Malware, Cloud Breaches and Critical CVEs (source)