VulnHub

The ShadowRay 2.0 threat actor is exploiting a vulnerability in the Ray framework to commandeer AI infrastructure globally, creating a self-propagating botnet for cryptomining and data theft. This poses a significant risk to AI systems and could lead to extensive data breaches and financial losses.

Oligo Security has reported that the ShadowRay 2.0 attack exploits a two-year-old vulnerability in the Ray AI framework to create a self-replicating cryptocurrency mining botnet using infected NVIDIA GPU clusters. This ongoing threat highlights the severity of unpatched vulnerabilities and the potential for widespread exploitation in the cybersecurity landscape.

The Tsundere botnet, targeting Windows users, is expanding and capable of executing arbitrary JavaScript code from a command-and-control server. This poses a significant threat to users, as the botnet's propagation methods remain unclear, indicating a potential for widespread exploitation.

Kaspersky GReAT experts have identified the Tsundere botnet, which utilizes Node.js-based bots to exploit web3 smart contracts. The campaign poses a significant cybersecurity threat as it spreads through MSI installers and PowerShell scripts, indicating a sophisticated method of propagation.

Operation WrtHug has compromised tens of thousands of outdated ASUS routers globally, primarily affecting users in Taiwan, the U.S., and Russia. The severity of this campaign highlights the risks associated with using end-of-life devices, as they can be easily hijacked to form a large botnet.