SecBoard
Zurück zur Übersicht
ManagerRed-TeamerIT/SaaSWeb SecurityKI-Sicherheit

Google Vertex AI SDK Flaw Let Attackers Hijack Model Uploads via Bucket Squatting

The Hacker News·
Originalartikel lesen bei The Hacker News

A flaw in the Google Cloud Vertex AI SDK for Python let an attacker with no access to a victim's project hijack the victim's machine learning model upload and run code inside Google's serving infrastructure. Palo Alto Networks Unit 42, which found and reported the bug through Google's bug bounty...

MITRE ATT&CK Kill Chain (1 Techniken)

Execution
T1059.006

Python

Vollständigen Artikel lesen bei The Hacker News

Verwandte Artikel

Fileless Phantom Stealer Targets Browser Credentials

Dark Reading·vor 10 Minuten

Security Community Slams US Ban on Exporting Mythos, Fable

Dark Reading·vor 36 Minuten

Steam Workshop abused to spread malware via Wallpaper Engine app

BleepingComputer·vor etwa 4 Stunden

SprySOCKS Windows Variant Abuses Kernel Drivers to Evade Detection

Dark Reading·vor etwa 5 Stunden

ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures

The Hacker News·vor etwa 5 Stunden