{"vulnerability": "CVE-2023-4802", "sightings": [{"uuid": "d6dc7859-bc4b-4b45-bf1d-2c84cd2eaea5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48022", "type": "seen", "source": "MISP/4b092cb1-913f-4575-a172-1e6c6332c228", "content": "", "creation_timestamp": "2024-03-27T10:34:26.000000Z"}, {"uuid": "a642d4d2-7550-4bb7-90c7-a0ea738d3472", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48022", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "d4b815c5-5657-4bd5-ae1d-0f4c54a1d6b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48022", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:57.000000Z"}, {"uuid": "86fdd13e-f1b4-4f7f-8577-ddb0f96fc9dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48022", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/115578595447482355", "content": "", "creation_timestamp": "2025-11-19T21:56:48.753670Z"}, {"uuid": "cdac062d-4309-4479-a37d-e6fcbbbdb871", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48022", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2023/CVE-2023-48022.yaml", "content": "", "creation_timestamp": "2025-06-22T09:14:30.000000Z"}, {"uuid": "dd0ce614-0934-4a85-a296-c598b62fab12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48022", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lseymli5zk2o", "content": "", "creation_timestamp": "2025-06-24T21:02:27.828739Z"}, {"uuid": "aa7298c5-25b7-447d-a4fb-241e0502b829", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48022", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:01.000000Z"}, {"uuid": "d9fdf1ff-5849-4065-a1bc-831008c88a7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48022", "type": "seen", "source": "https://infosec.exchange/users/edwardk/statuses/115607090943829816", "content": "", "creation_timestamp": "2025-11-24T22:43:35.172896Z"}, {"uuid": "30bd34ee-308e-40fb-941a-4a7226039326", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48022", "type": "seen", "source": "https://threatintel.cc/2025/11/24/shadowray-turns-ai-clusters-into.html", "content": "", "creation_timestamp": "2025-11-24T21:43:42.000000Z"}, {"uuid": "2354703e-6b48-4e25-beec-cdc65f743493", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48022", "type": "seen", "source": "https://threatintel.cc/2025/11/19/shadowray.html", "content": "", "creation_timestamp": "2025-11-19T11:53:32.000000Z"}, {"uuid": "886b86ec-84ef-4f15-97a6-96b004703e14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48022", "type": "seen", "source": "https://gist.github.com/Darkcrai86/960224462c3facef7818b9f5b080d004", "content": "", "creation_timestamp": "2025-11-20T11:59:19.000000Z"}, {"uuid": "27ce9341-d3a4-450d-8e6c-716ef487cf8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48022", "type": "seen", "source": "https://bsky.app/profile/matricedigitale.bsky.social/post/3m6k5tw3f2626", "content": "", "creation_timestamp": "2025-11-26T15:21:37.845282Z"}, {"uuid": "51dc66f9-e37e-4742-87e6-b889c2a9a522", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48022", "type": "seen", "source": "https://infosec.exchange/users/edwardk/statuses/115576458204953182", "content": "", "creation_timestamp": "2025-11-19T12:53:16.676984Z"}, {"uuid": "f9566adb-6800-45c3-9c4f-29357993398c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48022", "type": "seen", "source": "https://infosec.exchange/users/technadu/statuses/115577521840253869", "content": "", "creation_timestamp": "2025-11-19T17:23:49.177088Z"}, {"uuid": "52faca03-ee9e-402b-aeb8-b155f1cc7d67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48022", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/ray_agent_job_rce.rb", "content": "", "creation_timestamp": "2024-08-23T09:26:17.000000Z"}, {"uuid": "e5f707a4-2506-4af8-912f-15c1fd89d62a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48022", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-20)", "content": "", "creation_timestamp": "2025-12-20T00:00:00.000000Z"}, {"uuid": "c79ab97f-7edc-430e-b711-d0fe9fcdaa44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48022", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-18)", "content": "", "creation_timestamp": "2025-12-18T00:00:00.000000Z"}, {"uuid": "35273699-79bb-49f9-be46-006e1a673b00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48022", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-12-25)", "content": "", "creation_timestamp": "2025-12-25T00:00:00.000000Z"}, {"uuid": "822f15e4-844d-4abd-9d5f-5ea355f0b286", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48022", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-23)", "content": "", "creation_timestamp": "2025-12-23T00:00:00.000000Z"}, {"uuid": "ae6ae8cb-b384-43b4-9453-4c51c3be6caf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48022", "type": "exploited", "source": "https://t.me/thehackernews/7941", "content": "\ud83d\udea8 Hackers are exploiting a 2-year-old authentication flaw (CVE-2023-48022) in the Ray AI framework to take over NVIDIA GPU clusters and run a self-spreading crypto-mining botnet called ShadowRay 2.0.\n\nThe bug remains unpatched by design, and over 230,000 Ray servers are exposed online.\n\nRead about it here \u2193 https://thehackernews.com/2025/11/shadowray-20-exploits-unpatched-ray.html", "creation_timestamp": "2025-11-20T17:26:09.000000Z"}, {"uuid": "2b4737c2-bbbc-4d2b-a87c-ded0ce65d6d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48022", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-25)", "content": "", "creation_timestamp": "2025-12-25T00:00:00.000000Z"}, {"uuid": "2051a393-fb08-41d7-a1ab-c9a5ed961d3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48022", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-12-29)", "content": "", "creation_timestamp": "2025-12-29T00:00:00.000000Z"}, {"uuid": "bc3daff0-4892-4b0c-9e35-be68229cfc67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48022", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-10)", "content": "", "creation_timestamp": "2026-01-10T00:00:00.000000Z"}, {"uuid": "7de23652-ac51-4c2f-aade-8b82eaae8e9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48022", "type": "published-proof-of-concept", "source": "https://github.com/google/tsunami-security-scanner-plugins/tree/master/google/detectors/rce/ai/cve202348022", "content": "", "creation_timestamp": "2024-02-14T12:16:10.000000Z"}, {"uuid": "cca89edc-fca0-4936-9fe0-25bfad137c6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48022", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6878", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aShadowRay RCE POC (CVE-2023-48022)\nURL\uff1ahttps://github.com/jakabakos/ShadowRay-RCE-PoC-CVE-2023-48022\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-04-01T18:26:11.000000Z"}, {"uuid": "b17a1eba-131f-4aa4-8e23-de73a07247b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48022", "type": "seen", "source": "https://t.me/arpsyndicate/4413", "content": "#ExploitObserverAlert\n\nCVE-2023-48022\n\nDESCRIPTION: Exploit Observer has 16 entries in 5 file formats related to CVE-2023-48022. Anyscale Ray 2.6.3 and 2.8.0 allows a remote attacker to execute arbitrary code via the job submission API. NOTE: the vendor's position is that this report is irrelevant because Ray, as stated in its documentation, is not intended for use outside of a strictly controlled network environment\n\nFIRST-EPSS: 0.003770000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2024-04-09T20:17:18.000000Z"}, {"uuid": "43cf5fa3-c619-4c9b-965f-7fe8a2bc4310", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48023", "type": "seen", "source": "https://t.me/ctinow/155637", "content": "https://ift.tt/qjz97md\nCVE-2023-48023 | Anyscale Ray 2.6.3/2.8.0 /log_proxy server-side request forgery", "creation_timestamp": "2023-12-17T16:42:33.000000Z"}, {"uuid": "3e44fe82-2b80-42eb-859f-5fe059d276c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48022", "type": "seen", "source": "https://t.me/ctinow/155636", "content": "https://ift.tt/j9pxdgE\nCVE-2023-48022 | Anyscale Ray 2.6.3/2.8.0 Job Submission API server-side request forgery", "creation_timestamp": "2023-12-17T16:42:32.000000Z"}, {"uuid": "4c3fd6a4-4076-4841-b3ec-5d841fd37498", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48024", "type": "seen", "source": "https://t.me/arpsyndicate/1495", "content": "#ExploitObserverAlert\n\nCVE-2023-48024\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-48024. Liblisp through commit 4c65969 was discovered to contain a use-after-free vulnerability in void hash_destroy(hash_table_t *h) at hash.c\n\nFIRST-EPSS: 0.000460000\nNVD-IS: 3.6\nNVD-ES: 2.8", "creation_timestamp": "2023-12-06T14:40:03.000000Z"}, {"uuid": "265f1b11-97ed-479c-b25d-55d8810149b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48025", "type": "seen", "source": "https://t.me/arpsyndicate/1476", "content": "#ExploitObserverAlert\n\nCVE-2023-48025\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-48025. Liblisp through commit 4c65969 was discovered to contain a out-of-bounds-read vulnerability in unsigned get_length(lisp_cell_t * x) at eval.c\n\nFIRST-EPSS: 0.000840000\nNVD-IS: 5.2\nNVD-ES: 2.8", "creation_timestamp": "2023-12-06T11:20:07.000000Z"}, {"uuid": "dd072918-bf14-4177-9f3f-ffd102cf62b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48022", "type": "exploited", "source": "https://t.me/true_secator/5575", "content": "Oligo \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442 \u043e \u043c\u0430\u0441\u0441\u043e\u0432\u043e\u043c \u0432\u0437\u043b\u043e\u043c\u0435 \u0441\u043e\u0442\u0435\u043d \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u043e\u0432 \u0441 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c\u0438 \u0438\u0441\u043a\u0443\u0441\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0433\u043e \u0438\u043d\u0442\u0435\u043b\u043b\u0435\u043a\u0442\u0430 Anyscale Ray \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u043e\u0442\u043a\u0430\u0437\u0430\u043b\u0441\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c, \u0440\u0430\u0441\u0441\u043c\u0430\u0442\u0440\u0438\u0432\u0430\u044f \u0435\u0435 \u043a\u0430\u043a \u043f\u0440\u043e\u0435\u043a\u0442\u043d\u043e\u0435 \u0440\u0435\u0448\u0435\u043d\u0438\u0435.\n\n\u0412 \u043d\u043e\u044f\u0431\u0440\u0435 2023 \u0433\u043e\u0434\u0430 Anyscale \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u043f\u044f\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 Ray, \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u0432 \u0447\u0435\u0442\u044b\u0440\u0435 \u0438\u0437 \u043d\u0438\u0445:  CVE-2023-6019, CVE-2023-6020, CVE-2023-6021 \u0438 CVE-2023-48023.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u043f\u044f\u0442\u0430\u044f CVE-2023-48022, \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f RCE-\u043e\u0448\u0438\u0431\u043a\u0430, \u043e\u0441\u0442\u0430\u043b\u0430\u0441\u044c \u0431\u0435\u0437 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443, \u043f\u043e \u043c\u043d\u0435\u043d\u0438\u044e Anyscale, \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430 \u043d\u0438\u043a\u043e\u0433\u0434\u0430 \u043d\u0435 \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0430\u043b\u0430\u0441\u044c \u0434\u043b\u044f \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430 \u0438 \u043d\u0435 \u043d\u0443\u0436\u0434\u0430\u043b\u0430\u0441\u044c \u0432 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\nAnyscale \u0437\u0430\u044f\u0432\u043b\u044f\u0435\u0442, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f\u0445, \u043d\u0430\u0440\u0443\u0448\u0430\u044e\u0449\u0438\u0445 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0435\u043a\u0442\u0430 \u043f\u043e \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0432 \u0441\u0442\u0440\u043e\u0433\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u043e\u0439 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0441\u0440\u0435\u0434\u0435.\n\n\u0421\u0432\u043e\u0435\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u0441\u043c\u0435\u043a\u043d\u0443\u0432\u0448\u0438\u0435 \u0444\u0438\u0448\u043a\u0443 \u0445\u0430\u043a\u0435\u0440\u044b \u0431\u044b\u0441\u0442\u0440\u043e \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u043b\u0438 \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u0441 5 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f 2023 \u0433\u043e\u0434\u0430 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044e ShadowRay \u0441 \u0446\u0435\u043b\u044c\u044e \u0437\u0430\u0445\u0432\u0430\u0442\u0430 \u0432\u044b\u0447\u0438\u0441\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043c\u043e\u0449\u043d\u043e\u0441\u0442\u0435\u0439 \u0434\u043b\u044f \u043c\u0430\u0439\u043d\u0438\u043d\u0433\u0430 \u0438 \u043a\u0440\u0430\u0436\u0438 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0442\u044b\u0441\u044f\u0447 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439.\n\nCVE-2023-48022 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 9,8 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a\u043e \u0432\u0441\u0435\u043c \u0437\u0430\u043c\u0435\u0442\u043a\u0430\u043c \u0432 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0435, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Oligo, \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u044d\u0442\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0438\u00a0\u0431\u044b\u043b\u0438 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u044b \u0441\u043e\u0442\u043d\u0438 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u043e\u0432 Ray, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u043e\u0445\u0438\u0442\u0438\u043b\u0438 \u043c\u0430\u0441\u0441\u0443 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0434\u0430\u043d\u043d\u044b\u0435 \u0440\u0430\u0431\u043e\u0447\u0435\u0439 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0418\u0418, \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0431\u0430\u0437 \u0434\u0430\u043d\u043d\u044b\u0445, \u0445\u044d\u0448\u0438 \u043f\u0430\u0440\u043e\u043b\u0435\u0439, \u043a\u043b\u044e\u0447\u0438 SSH, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0442\u043e\u043a\u0435\u043d\u044b OpenAI, HuggingFace \u0438 Stripe.\n\n\u0411\u043e\u043b\u0435\u0435 \u0442\u043e\u0433\u043e, \u043c\u043d\u043e\u0433\u0438\u0435 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u044b \u0440\u0430\u0431\u043e\u0442\u0430\u043b\u0438 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 root, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044f \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u043c \u0441\u0435\u0440\u0432\u0438\u0441\u0430\u043c, \u0447\u0442\u043e \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043c\u043e\u0433\u043b\u043e \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0442\u0435\u0447\u043a\u0435 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0434\u0430\u043d\u043d\u044b\u0435 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432.\n\n\u0421\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u044b \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u043b\u0438 \u0434\u043e\u0441\u0442\u0443\u043f \u043a API Kubernetes \u0438 \u0442\u043e\u043a\u0435\u043d\u044b Slack.\n\nOligo \u043e\u0442\u043c\u0435\u0447\u0430\u0435\u0442, \u0447\u0442\u043e \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u043e\u0432 \u0431\u044b\u043b\u0438 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u044b \u043a\u0440\u0438\u043f\u0442\u043e\u043c\u0430\u0439\u043d\u0435\u0440\u0430\u043c\u0438, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 XMRig, NBMiner \u0438 Zephyr \u043d\u0430 \u0431\u0430\u0437\u0435 Java, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043e\u0431\u0440\u0430\u0442\u043d\u044b\u043c\u0438 \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0430\u043c\u0438 \u0434\u043b\u044f \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043c\u0430\u0441\u0448\u0442\u0430\u0431 \u0430\u0442\u0430\u043a \u0438 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u0441\u043e\u0431\u044b\u0442\u0438\u0439, Oligo \u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442, \u0447\u0442\u043e \u0437\u0430 ShadowRay \u0441\u0442\u043e\u0438\u0442 \u043e\u043f\u044b\u0442\u043d\u0430\u044f \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0430\u044f \u0433\u0440\u0443\u043f\u043f\u0430, \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u0438\u0437\u0431\u0435\u0436\u0430\u0442\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f Interactsh \u0434\u043b\u044f \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u043d\u0430 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u0438 \u043e\u0431\u0449\u0435\u0439 \u0434\u0435\u0437\u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0435\u0439 \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0441\u043f\u043e\u0440\u043d\u043e\u0439 CVE.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0442\u0430\u043a\u0436\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043f\u043e\u043b\u0435\u0437\u043d\u0443\u044e \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0443, \u0437\u0430\u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u0432 base64, \u0432\u044b\u044f\u0432\u043b\u044f\u044f \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u043d\u0430 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0445 \u043c\u0430\u0448\u0438\u043d\u0430\u0445 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0435\u0432 \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043d\u0438 \u043e\u0434\u043d\u0438\u043c\u00a0AV-\u0434\u0432\u0438\u0436\u043a\u043e\u043c VirusTotal.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f, \u0447\u0442\u043e \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a \u0438\u043c\u0435\u0435\u0442 \u0431\u043e\u043b\u0435\u0435 30 500 \u0437\u0432\u0435\u0437\u0434 \u043d\u0430 GitHub \u0438 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u0443\u0435\u0442\u0441\u044f \u043c\u043d\u043e\u0433\u0438\u043c\u0438 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f\u043c\u0438 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Amazon, Spotify, LinkedIn, Instacart, Netflix, Uber \u0438 OpenAI, \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f ShadowRay \u0432 \u043f\u0435\u0440\u0441\u043f\u0435\u043a\u0442\u0438\u0432\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u043e\u0447\u0435\u043d\u044c \u043f\u0435\u0447\u0430\u043b\u044c\u043d\u044b\u043c\u0438.\n\n\u0411\u0443\u0434\u0435\u043c \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c.", "creation_timestamp": "2024-03-27T17:30:05.000000Z"}, {"uuid": "8def38cb-bfa9-4a9a-bedf-0c35677c0df9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48023", "type": "exploited", "source": "https://t.me/true_secator/5575", "content": "Oligo \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442 \u043e \u043c\u0430\u0441\u0441\u043e\u0432\u043e\u043c \u0432\u0437\u043b\u043e\u043c\u0435 \u0441\u043e\u0442\u0435\u043d \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u043e\u0432 \u0441 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c\u0438 \u0438\u0441\u043a\u0443\u0441\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0433\u043e \u0438\u043d\u0442\u0435\u043b\u043b\u0435\u043a\u0442\u0430 Anyscale Ray \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u043e\u0442\u043a\u0430\u0437\u0430\u043b\u0441\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c, \u0440\u0430\u0441\u0441\u043c\u0430\u0442\u0440\u0438\u0432\u0430\u044f \u0435\u0435 \u043a\u0430\u043a \u043f\u0440\u043e\u0435\u043a\u0442\u043d\u043e\u0435 \u0440\u0435\u0448\u0435\u043d\u0438\u0435.\n\n\u0412 \u043d\u043e\u044f\u0431\u0440\u0435 2023 \u0433\u043e\u0434\u0430 Anyscale \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u043f\u044f\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 Ray, \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u0432 \u0447\u0435\u0442\u044b\u0440\u0435 \u0438\u0437 \u043d\u0438\u0445:  CVE-2023-6019, CVE-2023-6020, CVE-2023-6021 \u0438 CVE-2023-48023.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u043f\u044f\u0442\u0430\u044f CVE-2023-48022, \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f RCE-\u043e\u0448\u0438\u0431\u043a\u0430, \u043e\u0441\u0442\u0430\u043b\u0430\u0441\u044c \u0431\u0435\u0437 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443, \u043f\u043e \u043c\u043d\u0435\u043d\u0438\u044e Anyscale, \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430 \u043d\u0438\u043a\u043e\u0433\u0434\u0430 \u043d\u0435 \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0430\u043b\u0430\u0441\u044c \u0434\u043b\u044f \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430 \u0438 \u043d\u0435 \u043d\u0443\u0436\u0434\u0430\u043b\u0430\u0441\u044c \u0432 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\nAnyscale \u0437\u0430\u044f\u0432\u043b\u044f\u0435\u0442, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f\u0445, \u043d\u0430\u0440\u0443\u0448\u0430\u044e\u0449\u0438\u0445 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0435\u043a\u0442\u0430 \u043f\u043e \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0432 \u0441\u0442\u0440\u043e\u0433\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u043e\u0439 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0441\u0440\u0435\u0434\u0435.\n\n\u0421\u0432\u043e\u0435\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u0441\u043c\u0435\u043a\u043d\u0443\u0432\u0448\u0438\u0435 \u0444\u0438\u0448\u043a\u0443 \u0445\u0430\u043a\u0435\u0440\u044b \u0431\u044b\u0441\u0442\u0440\u043e \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u043b\u0438 \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u0441 5 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f 2023 \u0433\u043e\u0434\u0430 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044e ShadowRay \u0441 \u0446\u0435\u043b\u044c\u044e \u0437\u0430\u0445\u0432\u0430\u0442\u0430 \u0432\u044b\u0447\u0438\u0441\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043c\u043e\u0449\u043d\u043e\u0441\u0442\u0435\u0439 \u0434\u043b\u044f \u043c\u0430\u0439\u043d\u0438\u043d\u0433\u0430 \u0438 \u043a\u0440\u0430\u0436\u0438 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0442\u044b\u0441\u044f\u0447 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439.\n\nCVE-2023-48022 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 9,8 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a\u043e \u0432\u0441\u0435\u043c \u0437\u0430\u043c\u0435\u0442\u043a\u0430\u043c \u0432 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0435, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Oligo, \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u044d\u0442\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0438\u00a0\u0431\u044b\u043b\u0438 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u044b \u0441\u043e\u0442\u043d\u0438 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u043e\u0432 Ray, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u043e\u0445\u0438\u0442\u0438\u043b\u0438 \u043c\u0430\u0441\u0441\u0443 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0434\u0430\u043d\u043d\u044b\u0435 \u0440\u0430\u0431\u043e\u0447\u0435\u0439 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0418\u0418, \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0431\u0430\u0437 \u0434\u0430\u043d\u043d\u044b\u0445, \u0445\u044d\u0448\u0438 \u043f\u0430\u0440\u043e\u043b\u0435\u0439, \u043a\u043b\u044e\u0447\u0438 SSH, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0442\u043e\u043a\u0435\u043d\u044b OpenAI, HuggingFace \u0438 Stripe.\n\n\u0411\u043e\u043b\u0435\u0435 \u0442\u043e\u0433\u043e, \u043c\u043d\u043e\u0433\u0438\u0435 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u044b \u0440\u0430\u0431\u043e\u0442\u0430\u043b\u0438 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 root, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044f \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u043c \u0441\u0435\u0440\u0432\u0438\u0441\u0430\u043c, \u0447\u0442\u043e \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043c\u043e\u0433\u043b\u043e \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0442\u0435\u0447\u043a\u0435 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0434\u0430\u043d\u043d\u044b\u0435 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432.\n\n\u0421\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u044b \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u043b\u0438 \u0434\u043e\u0441\u0442\u0443\u043f \u043a API Kubernetes \u0438 \u0442\u043e\u043a\u0435\u043d\u044b Slack.\n\nOligo \u043e\u0442\u043c\u0435\u0447\u0430\u0435\u0442, \u0447\u0442\u043e \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u043e\u0432 \u0431\u044b\u043b\u0438 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u044b \u043a\u0440\u0438\u043f\u0442\u043e\u043c\u0430\u0439\u043d\u0435\u0440\u0430\u043c\u0438, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 XMRig, NBMiner \u0438 Zephyr \u043d\u0430 \u0431\u0430\u0437\u0435 Java, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043e\u0431\u0440\u0430\u0442\u043d\u044b\u043c\u0438 \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0430\u043c\u0438 \u0434\u043b\u044f \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043c\u0430\u0441\u0448\u0442\u0430\u0431 \u0430\u0442\u0430\u043a \u0438 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u0441\u043e\u0431\u044b\u0442\u0438\u0439, Oligo \u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442, \u0447\u0442\u043e \u0437\u0430 ShadowRay \u0441\u0442\u043e\u0438\u0442 \u043e\u043f\u044b\u0442\u043d\u0430\u044f \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0430\u044f \u0433\u0440\u0443\u043f\u043f\u0430, \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u0438\u0437\u0431\u0435\u0436\u0430\u0442\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f Interactsh \u0434\u043b\u044f \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u043d\u0430 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u0438 \u043e\u0431\u0449\u0435\u0439 \u0434\u0435\u0437\u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0435\u0439 \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0441\u043f\u043e\u0440\u043d\u043e\u0439 CVE.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0442\u0430\u043a\u0436\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043f\u043e\u043b\u0435\u0437\u043d\u0443\u044e \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0443, \u0437\u0430\u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u0432 base64, \u0432\u044b\u044f\u0432\u043b\u044f\u044f \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u043d\u0430 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0445 \u043c\u0430\u0448\u0438\u043d\u0430\u0445 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0435\u0432 \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043d\u0438 \u043e\u0434\u043d\u0438\u043c\u00a0AV-\u0434\u0432\u0438\u0436\u043a\u043e\u043c VirusTotal.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f, \u0447\u0442\u043e \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a \u0438\u043c\u0435\u0435\u0442 \u0431\u043e\u043b\u0435\u0435 30 500 \u0437\u0432\u0435\u0437\u0434 \u043d\u0430 GitHub \u0438 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u0443\u0435\u0442\u0441\u044f \u043c\u043d\u043e\u0433\u0438\u043c\u0438 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f\u043c\u0438 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Amazon, Spotify, LinkedIn, Instacart, Netflix, Uber \u0438 OpenAI, \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f ShadowRay \u0432 \u043f\u0435\u0440\u0441\u043f\u0435\u043a\u0442\u0438\u0432\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u043e\u0447\u0435\u043d\u044c \u043f\u0435\u0447\u0430\u043b\u044c\u043d\u044b\u043c\u0438.\n\n\u0411\u0443\u0434\u0435\u043c \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c.", "creation_timestamp": "2024-03-27T17:30:05.000000Z"}, {"uuid": "a2f8d6a7-d1c4-480d-8862-7017bee94b4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4802", "type": "seen", "source": "https://t.me/cibsecurity/70408", "content": "\u203c CVE-2023-4802 \u203c\n\nA reflected cross-site scripting vulnerability in the UpdateInstalledSoftware endpoint of the Insider Threat Management (ITM) Server's web console could be used by an authenticated administrator to run arbitrary javascript within another web console administrator's browser. All versions prior to 7.14.3.69 are affected.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-13T20:34:20.000000Z"}, {"uuid": "96b5832d-3fd7-4092-97c6-3a114ded7c7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48022", "type": "seen", "source": "https://t.me/NeKaspersky/3626", "content": "\u041f\u044f\u0442\u044b\u0439 \u044d\u043b\u0435\u043c\u0435\u043d\u0442\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u043b\u0438 \u0441\u043e\u0442\u043d\u0438 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u043e\u0432 \u0441 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c\u0438 \u0438\u0441\u043a\u0443\u0441\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0433\u043e \u0438\u043d\u0442\u0435\u043b\u043b\u0435\u043a\u0442\u0430 Anyscale Ray. \n\n\u041f\u044f\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0431\u044b\u043b\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e \u0435\u0449\u0451 \u0432 \u043d\u043e\u044f\u0431\u0440\u0435 2023 \u0433\u043e\u0434\u0430, \u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0442\u043e\u043b\u044c\u043a\u043e \u0447\u0435\u0442\u044b\u0440\u0435 \u0438\u0437 \u043d\u0438\u0445. \u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u043f\u043e\u0441\u0447\u0438\u0442\u0430\u043b\u0438, \u0447\u0442\u043e CVE-2023-48022 \u043d\u0435 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043e\u0439, \u0442\u0430\u043a \u043a\u0430\u043a \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0431\u044b\u043b\u043e \u0434\u0430\u0432\u043d\u0438\u043c \u043f\u0440\u043e\u0435\u043a\u0442\u043d\u044b\u043c \u0440\u0435\u0448\u0435\u043d\u0438\u0435\u043c. \n\n\u041a\u0430\u043a \u0438\u0442\u043e\u0433, \u0431\u0440\u0435\u0448\u044c \u043f\u043e\u043c\u043e\u0433\u043b\u0430 \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0430\u043c \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c \u0441\u0435\u0440\u0438\u044e \u0432\u0437\u043b\u043e\u043c\u043e\u0432 ShadowRay \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0443\u0447\u0451\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0439 \u0411\u0414, \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0435 \u0441\u0440\u0435\u0434\u044b, \u043c\u043e\u0434\u0435\u043b\u0438 \u0418\u0418, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0442\u043e\u043a\u0435\u043d\u044b \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043e\u0431\u043b\u0430\u0447\u043d\u043e\u0439 \u0441\u0440\u0435\u0434\u0435. \n\n\u041f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430 Ray \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043d\u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0435\u0439 Anyscale \u0434\u043b\u044f \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u0418\u0418 \u0438 Python \u0432 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0435 \u0434\u043b\u044f \u0440\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0451\u043d\u043d\u044b\u0445 \u0432\u044b\u0447\u0438\u0441\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043d\u0430\u0433\u0440\u0443\u0437\u043e\u043a. \u0415\u0451 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0442\u0430\u043a\u0438\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043a\u0430\u043a Netflix, Spotify, LinkedIn, Amazon, Uber, OpenAI \u0438 \u0434\u0440. \n\n\u041d\u0435\u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u0438\u0439", "creation_timestamp": "2024-03-28T22:02:46.000000Z"}, {"uuid": "6f48753c-274a-4fc6-a02a-a4126f04507a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48022", "type": "seen", "source": "https://t.me/ctinow/213001", "content": "https://ift.tt/yWKrb4d\nAI framework vulnerability is being used to compromise enterprise servers (CVE-2023-48022)", "creation_timestamp": "2024-03-27T12:36:39.000000Z"}, {"uuid": "c6349f5e-3c2c-47b7-8c98-1610b94e9a75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48022", "type": "exploited", "source": "https://t.me/thehackernews/4738", "content": "\ud83d\udea8 Alert: Hackers are actively exploiting an unpatched flaw in the popular AI platform Anyscale Ray to steal computing power for cryptocurrency mining. \n \nDetails: https://thehackernews.com/2024/03/critical-unpatched-ray-ai-platform.html \n \nThis vulnerability (CVE-2023-48022) could expose sensitive company data.", "creation_timestamp": "2024-03-27T11:46:07.000000Z"}]}