SecBoard
Zurück zur Übersicht
Red-Teamer

Pickle in the Middle – Hijacking Vertex AI Model Uploads for Cross-Tenant RCE

Unit 42·
Originalartikel lesen bei Unit 42

Unit 42 discovered a Vertex AI Python SDK vulnerability that allows remote code execution via bucket squatting. Read the article for more. The post Pickle in the Middle – Hijacking Vertex AI Model Uploads for Cross-Tenant RCE appeared first on Unit 42.

MITRE ATT&CK Kill Chain (1 Techniken)

Execution
T1059.006

Python

Themen
Cloud Cybersecurity ResearchThreat Researchbucket squattingGoogle CloudjoblibPythonRCESDKsVertex AIvulnerability
Vollständigen Artikel lesen bei Unit 42

Verwandte Artikel

CISA warns of another cPanel plugin flaw exploited in attacks

BleepingComputer·vor etwa 1 Stunde

Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week

The Hacker News·vor etwa 1 Stunde

Ransomware gang abuses Microsoft Teams relays to hide malicious traffic

BleepingComputer·vor etwa 2 Stunden

WordPress: Lieferkettenangriff auf Plug-ins gefährdet 1,2 Millionen Instanzen

heise Security·vor etwa 2 Stunden

China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth

The Hacker News·vor etwa 2 Stunden