National Cyber Warfare Foundation (NCWF)

Cryptomining Campaign Exploiting Exposed Ray AI Infrastructure (Campaign)
0 user ratings		2026-01-16 10:45:36
milo
Attacks
ShadowRay 2.0 targets Ray clusters whose dashboard / Jobs API is exposed without authentication. Attackers first use interact.sh (oast.fun) for out-of-band discovery, posting test jobs to /api/jobs/ that trigger HTTP/DNS callbacks to identify exploitable Ray dashboards. Once a...

ShadowRay 2.0 targets Ray clusters whose dashboard / Jobs API is exposed without authentication. Attackers first use interact.sh (oast.fun) for out-of-band discovery, posting test jobs to /api/jobs/ that trigger HTTP/DNS callbacks to identify exploitable Ray dashboards. Once a...

Source: Wiz
Source Link: https://threats.wiz.io/all-incidents/cryptomining-campaign-exploiting-exposed-ray-ai-infrastructure

Comments
new comment
Nobody has commented yet. Will you be the first?
  
Forum
Attacks


Copyright 2012 through 2026 - National Cyber Warfare Foundation - All rights reserved worldwide.