ShadowRay 2.0 Exploits Unpatched Ray Flaw to Build Self-Spreading GPU Cryptomining Botnet
The Hacker News
Actively Exploited
Summary
Oligo Security has reported that the ShadowRay 2.0 attack exploits a two-year-old vulnerability in the Ray AI framework to create a self-replicating cryptocurrency mining botnet using infected NVIDIA GPU clusters. This ongoing threat highlights the severity of unpatched vulnerabilities and the potential for widespread exploitation in the cybersecurity landscape.
Impact
Ray open-source AI framework, NVIDIA GPUs
In the Wild
Yes
Timeline
Ongoing since 2023
Remediation
Update the Ray framework to the latest version and apply security patches as they become available.