Security Flaws in SAP AI Core Expose Customer Data and Access Tokens
1. SAP AI Core vulnerabilities, dubbed SAPwned, could let attackers access customer data and internal artifacts.
2. Flaws enable unauthorized access to cloud environments like AWS, Azure, and SAP HANA Cloud, and modify Docker images.
3. Exploits could grant cluster admin rights on Kubernetes, leading to data theft and model manipulation.
4. Issues stem from inadequate isolation and sandboxing in AI service platforms, similar to flaws in Hugging Face and Replicate.
5. A new threat group, NullBulge, targets AI and gaming sectors with malicious code and ransomware.
#sap #cybersecurity #ai #vulnerabilities #sapwned #cloudsecurity #kubernetes #aws #azure #databreach #aimodels #tenantisolation #supplychainattack #nullbulge #generativeai #malware #infosec #cyberthreats #securityflaws #technews #containersecurity #ransomware #asyncrat #xworm #lockbit
1. SAP AI Core vulnerabilities, dubbed SAPwned, could let attackers access customer data and internal artifacts.
2. Flaws enable unauthorized access to cloud environments like AWS, Azure, and SAP HANA Cloud, and modify Docker images.
3. Exploits could grant cluster admin rights on Kubernetes, leading to data theft and model manipulation.
4. Issues stem from inadequate isolation and sandboxing in AI service platforms, similar to flaws in Hugging Face and Replicate.
5. A new threat group, NullBulge, targets AI and gaming sectors with malicious code and ransomware.
#sap #cybersecurity #ai #vulnerabilities #sapwned #cloudsecurity #kubernetes #aws #azure #databreach #aimodels #tenantisolation #supplychainattack #nullbulge #generativeai #malware #infosec #cyberthreats #securityflaws #technews #containersecurity #ransomware #asyncrat #xworm #lockbit