PyTorch Foundation
-
Three critical bugs in Picklescan could let malicious PyTorch models execute code, researchers say
Researchers disclosed three high-severity vulnerabilities in Picklescan that can be abused to bypass scanning and execute arbitrary code when loading malicious PyTorch models; fixes were released in Picklescan 0.0.31 and related analysis is available from JFrog, SecDim and others.
-
Self‑replicating botnet abuses Ray clusters to mine cryptocurrency, steal data and launch DDoS attacks
Researchers say a campaign called ShadowRay 2.0 has been exploiting internet‑facing Ray clusters using CVE‑2023‑48022 and Ray’s orchestration features to spread a self‑replicating botnet that mines cryptocurrency, steals proprietary data and launches DDoS attacks, with attackers targeting large GPU environments and using automated discovery and multi‑stage payloads.
