‘Thousands’ of businesses at mercy of miscreants thanks to unpatched Ray AI flaw

March 27, 2024 at 04:43PM Thousands of companies are at risk due to a critical remote-code-execution bug, named ShadowRay (CVE-2023-48022), in the Ray open-source AI framework. Exploited for seven months, it compromises sensitive data and facilitates cryptocurrency mining. Although fixes for other flaws are available, the vulnerability remains, leading to significant breaches and data leaks. … Read more