in AI Medium

AI Framework Deployed Without Security Consideration #negligence

1.8k Views 0 Votes

What Have They Done? Popular AI Framework Deployed Without a Single Security Consideration | by Gabriel Tocci | Mar, 2024

The Ray AI framework is being exploited in the wild, with vulnerabilities being actively exploited since its deployment. Anyscale, the project maintainer, has not implemented any security features, leaving the framework open to attacks. This lack of security measures is concerning given the widespread adoption of the Ray framework. The Zero Trust Architecture (ZTA) is recommended for modern software architecture to address such vulnerabilities. An ongoing attack campaign targeting servers storing AI workloads has been reported, with vulnerabilities in Ray being exploited. Anyscale is currently hiring Security Engineers to address these issues. The reported exploit involves the job scheduler submitting jobs without any authentication, highlighting the critical security flaws in the Ray framework. It is essential to prevent access to Ray clusters from untrusted machines to mitigate the risk of attacks.

Source link

Source link: https://gabetocci.medium.com/what-have-they-done-popular-ai-framework-deployed-without-a-single-security-consideration-09d749ed9e06?source=rss——artificial_intelligence-5

AIai newsartificial intelligencechatgpt

What do you think?

0 Points

Browse and manage your votes from your Member Profile Page

Leave a Reply

GIPHY App Key not set. Please check settings

Google Pixel 8 will get on-device Gemini Nano AI after all

Google Pixel 8 to receive on-device Gemini Nano AI #AI
ellesse x Tomorrowland Winter 2024: Behind The Scenes

#BehindTheScenes at ellesse x Tomorrowland Winter 2024 event. #SneakPeek