AI Attacking AI: Shadow Ray 2.0 #shadowray #ai #cryptomining
29 Nov 2025
🚩 “ShadowRay 2.0” Exploits Unpatched Ray AI Framework Flaw (CVE-2023-48022) securityweek.com/two-year-ol… Attackers are hijacking exposed Ray clusters, some worth millions in GPU compute, to build a worm-like, self-propagating botnet for crypto mining, DDoS attacks, and data theft. If you’re running Ray infrastructure or any AI/ML orchestration stack, isolate dashboard endpoints, enable authentication, restrict API access and scan for use of the Jobs API from untrusted sources. #AIsec #CloudSecurity #ThreatHunting #Cryptojacking
24 Nov 2025
Top AI Security Monthly Insights - November 2025
1️⃣ AI pentest scoping playbook - devansh.bearblog.dev/ai-pent… - @devanshwolf
2️⃣ Hacking Gemini: A Multi-Layered Approach - buganizer.cc/hacking-gemini-… - @valent1nee at @github
3️⃣ The Agentic AI Security Scoping Matrix: A framework for securing autonomous AI systems - aws.amazon.com/blogs/securit… - @aaronwaynebrown and Matt Saner at @AWSSecurityInfo
4️⃣ The Devil Reviews Xanthorox: A Criminal-Focused Analysis of the Latest Malicious LLM Offering - trendmicro.com/vinfo/us/secu… - @dsancho66, @ziovic at @TrendMicro
5️⃣ Mind-reading Claude AI’s Complete System Prompt - generativeai.pub/mind-readin… - @JtheAIwhisperer
6️⃣ Ollama Remote Code Execution: Securing the Code That Runs LLMs - sonarsource.com/blog/ollama-… - @pspaul95 at @SonarSource
7️⃣ EchoGram: The Hidden Vulnerability Undermining AI Guardrails - hiddenlayer.com/innovation-h… - @Abraxus7331 at @hiddenlayersec
8️⃣ PromptJacking: The Critical RCEs in Claude Desktop That Turn Questions Into Exploits - koi.ai/blog/promptjacking-th… - @orenyomtov at @GetKoidex
9️⃣ SesameOp: Novel backdoor uses OpenAI Assistants API for command and control - microsoft.com/en-us/security… - @MsftSecIntel
🔟 Leveraging Generative AI to Reverse Engineer XLoader - research.checkpoint.com/2025… - @CPResearch
1️⃣1️⃣ When GPTs Call Home: Exploiting SSRF in ChatGPT’s Custom Actions - sirleeroyjenkins.medium.com/… - @SirLeeroyJenkin
1️⃣2️⃣ Ransomvibing appears in VS Code extensions - secureannex.com/blog/ransomv… - @tuckner at @secureannex
1️⃣3️⃣ Whisper Leak: A novel side-channel attack on remote language models - microsoft.com/en-us/security… - @yo_yo_yo_jbo, @glmcdona, @MsftSecIntel at @Microsoft
1️⃣4️⃣ HackedGPT: Novel AI Vulnerabilities Open the Door for Private Data Leakage - tenable.com/blog/hackedgpt-n… - @MosheBernstein, @terminatorLM at @TenableSecurity
1️⃣5️⃣ SupaPwn: Hacking Our Way into Lovable's Office and Helping Secure Supabase - hacktron.ai/blog/supapwn - @S1r1u5_, @rootxharsh, @LiveOverflow
1️⃣6️⃣ ShadowRay 2.0: Attackers Turn AI Against Itself in Global Campaign that Hijacks AI Into Self-Propagating Botnet - oligo.security/blog/shadowra… - @avi_lum, @GalElbaz1 at @OligoSecurity
1️⃣7️⃣ From Deepfake Scams to Poisoned Chatbots: AI and Election Security in 2025 - cetas.turing.ac.uk/publicati… - @turinginst
1️⃣8️⃣ AIKatz – All Your Chats Are Belong To Us - lumia.security/blog/aikatz - @kupsul at @LumiaSecurity
1️⃣9️⃣ ShadowMQ: How Code Reuse Spread Critical Vulnerabilities Across the AI Ecosystem - oligo.security/blog/shadowmq… - @avi_lum at @OligoSecurity
2️⃣0️⃣ Comet’s MCP API Allows AI Browsers to Execute Local Commands - labs.sqrx.com/comet-mcp-api-… - @SquareXLabs
2️⃣1️⃣ Using MCP for Debugging, Reversing, and Threat Analysis: Part 2 - whiteknightlabs.com/2025/11/… - @AlanSguigna at @WKL_cyber
2️⃣2️⃣ The Big Idea: Security Assurance is NOT Just QA for AI! - security.googlecloudcommunit… - @anton_chuvakin
2️⃣3️⃣ Lights, Camera… Leakage: When the System Prompt Crashes the Scene - mindgard.ai/blog/extracting-… - @fergalglynn at @mindgard
#️⃣ #AIsecurity #AIsafety #AgentSecurity #PromptInjection #RCE #MCP #AIGuardrails #AIpentest #LLMsecurity #ModelExploitation #SupplyChainAI #DeepfakeThreats #DataLeakage #AIAssurance #AIsidechannel #AIincidents
24 Nov 2025
🚨 DDoS News: Self-replicating botnet ShadowRay 2.0 targeting internet-exposed Ray clusters, turning them into DDoS machines and cryptominers. Over 230,000 clusters are at risk worldwide. Read more: eu1.hubs.ly/H0pV5_w0 #DDoS #DDoSNews #Botnet #Cybersecurity #NetworkSecurity
AI-driven cyber attacks are surging. ShadowRay 2.0 is a self-replicating AI botnet targeting 230,000 machines (Forbes). Fully automated AI espionage by a China-backed group has also been confirmed (PwC). Experts warn that "AI threats require AI defenses." (Sources: Forbes / PwC / Axios / IBM) #CyberSecurity
GPU Security Alert: Hackers are hijacking Ray AI clusters with NVIDIA GPUs for crypto mining through an unpatched flaw. Protect yourself:
- Never expose Ray servers to the internet
- Keep Ray behind firewalls
- Add authentication to port 8265
- Use Anyscale's Ray Open Ports Checker tool
Over 230K servers are vulnerable! The "ShadowRay 2.0" botnet self-spreads between exposed systems. Ray won't patch this (by design) - security is YOUR responsibility. Check if you're exposed NOW → thehackernews.com/2025/11/sh…
🚨 Hackers are exploiting a 2-year-old authentication flaw (CVE-2023-48022) in the Ray AI framework to take over NVIDIA GPU clusters and run a self-spreading crypto-mining botnet called ShadowRay 2.0. The bug remains unpatched by design, and over 230,000 Ray servers are exposed online. Read about it here ↓ thehackernews.com/2025/11/sh…
19 Nov 2025
🚨 AI Framework Flaw Exploited: In an ongoing campaign targeting the Ray AI framework, threat actors are exploiting a critical vulnerability that was initially dismissed by developers, leading to widespread cluster compromises. This sophisticated operation blends traditional cybercrime tactics with emerging AI-powered threats, creating a self-propagating nightmare that has already infected thousands of servers globally.

CVE-2023-48022 (CVSS 9.8) allows remote code execution through Ray's job submission API
→ Developer Dispute: Framework maintainers Anyscale initially disputed the bug's severity, arguing their documentation warned against deploying clusters in uncontrolled networks
→ Delayed Response: Despite promises to implement authentication over a year ago, the necessary security measures remained unimplemented when attacks began

ShadowRay → ShadowRay 2.0
→ Initial Campaign: The original ShadowRay operation focused primarily on data theft from hundreds of clusters
→ Current Escalation: Since September 2024, multiple threat groups have expanded the attack scope to include cryptocurrency mining, DDoS capabilities, and autonomous propagation
→ Expanded Footprint: Security researchers have identified over 230,000 Ray servers accessible from the web, with many already compromised

🎯 Reconnaissance and Initial Access
→ Automated scanning for vulnerable Ray clusters exposed to the internet
→ Malicious job submissions through the unauthenticated API
→ Initial payloads designed to assess cluster resources and calculate optimal takeover strategies

🎯 Lateral Movement and Persistence
→ Abuse of Ray's legitimate orchestration features to spread across all cluster nodes
→ Deployment of multi-stage Python payloads that dynamically adapt to environment resources
→ Implementation of sophisticated detection evasion techniques including CPU throttling and process masquerading

💥 Weaponized Development Pipeline
→ Threat actors used GitLab as their CI/CD pipeline for malware distribution
→ AI-Generated Payloads: Analysis of the attack code reveals patterns consistent with LLM-generated content
→ DevOps-Style Development: Commit history showed real-time development, A/B testing of techniques, and rollback capabilities

🐛 The Self-Propagating Mechanism
→ Compromised clusters were weaponized to scan for and attack other Ray dashboards worldwide
→ The worm-like functionality enables continuous expansion without additional command and control intervention
→ Each new victim becomes an attack platform for finding subsequent targets

⚠️ Impact and Scale
→ Resource Hijacking: Widespread cryptocurrency mining operations utilizing thousands of cluster nodes
→ Data Exposure: One compromised server contained 240 GB of proprietary source code, AI models, and technical datasheets
→ Broad Victim Profile: Startups, research organizations, and AI Dev environments across multiple sectors

🛡️ Mitigation Requirements
→ Isolate all Ray clusters from public internet access immediately
→ Implement network-level authentication and access controls
→ Conduct forensic analysis of all Ray environments for signs of compromise
→ Assume all development frameworks require explicit security configurations
→ Implement continuous monitoring for unusual resource utilization patterns

AI infrastructure is being compromised using AI-generated attack code; innovative technology demands equally innovative security measures.
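Two of the posts above recommend the same concrete control: restrict who can reach the Ray dashboard's Jobs API and scan for job submissions from untrusted sources. The script below is an added example written for this page, not code from any of the posts, Oligo, Anyscale or the Ray project. It assumes the dashboard (port 8265) sits behind a reverse proxy that writes combined-format access logs, and that job submissions are only expected from an internal allow-listed network (10.0.0.0/8 here); the log lines are constructed, not captured from a real incident. It matches POST requests to Ray's job submission endpoint (`/api/jobs/`) and reports any whose source address is outside the trusted networks.

```python
"""Flag Ray Jobs API submissions that did not come from an allow-listed network.

Added example (not from the original posts or the Ray project). Assumes the Ray
dashboard on port 8265 sits behind a reverse proxy that writes combined-format
access logs. SAMPLE_LOG is constructed for this example.
"""
import ipaddress
import re
from dataclasses import dataclass

# Constructed sample access log lines (combined format) from a reverse proxy
# in front of the Ray dashboard. The RFC 5737 addresses stand in for "internet".
SAMPLE_LOG = """\
10.0.4.17 - - [19/Nov/2025:10:01:02 +0000] "POST /api/jobs/ HTTP/1.1" 200 87 "-" "python-requests/2.31.0"
203.0.113.45 - - [19/Nov/2025:10:02:40 +0000] "GET /api/version HTTP/1.1" 200 54 "-" "curl/8.4.0"
203.0.113.45 - - [19/Nov/2025:10:02:41 +0000] "POST /api/jobs/ HTTP/1.1" 200 87 "-" "python-requests/2.31.0"
10.0.4.22 - - [19/Nov/2025:10:05:13 +0000] "GET /api/jobs/raysubmit_abc123 HTTP/1.1" 200 512 "-" "python-requests/2.31.0"
198.51.100.9 - - [19/Nov/2025:10:07:55 +0000] "POST /api/jobs/ HTTP/1.1" 200 87 "-" "Go-http-client/1.1"
"""

# Networks from which job submissions are legitimately expected (assumption).
TRUSTED_NETS = [ipaddress.ip_network("10.0.0.0/8")]

# Combined log format: ip ident user [timestamp] "METHOD path proto" status bytes "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)


@dataclass(frozen=True)
class Finding:
    ts: str
    src_ip: str
    path: str
    user_agent: str


def is_trusted(ip: str) -> bool:
    """True if the source address falls inside an allow-listed network."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in TRUSTED_NETS)


def is_job_submission(method: str, path: str) -> bool:
    """Ray's job submission endpoint is POST /api/jobs/ (trailing slash optional)."""
    return method == "POST" and path.rstrip("/") == "/api/jobs"


def find_untrusted_submissions(log_text: str) -> list[Finding]:
    """Return every job submission whose source is not in TRUSTED_NETS."""
    findings: list[Finding] = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line; skip rather than guess
        if not is_job_submission(m["method"], m["path"]):
            continue  # reads of job status, version checks, etc. are not submissions
        if is_trusted(m["ip"]):
            continue
        findings.append(Finding(m["ts"], m["ip"], m["path"], m["ua"]))
    return findings


if __name__ == "__main__":
    for f in find_untrusted_submissions(SAMPLE_LOG):
        print(f"UNTRUSTED JOB SUBMISSION {f.ts} from {f.src_ip} ({f.user_agent})")
```

Run against the constructed sample it reports the two POSTs from 203.0.113.45 and 198.51.100.9 and ignores the internal submission and the status read. In a real deployment the allow-list should mirror the network ACL in front of port 8265, so that any hit from this check means the ACL itself has a gap.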
19 Nov 2025
🚨 New ShadowRay attacks convert Ray clusters into crypto miner. Inside the payload code, the researchers found that the attacker appreciates a system with at least eight cores and root privileges, calling it "a very good boy." bleepingcomputer.com/news/se…