Links
Researchers revealed a serious security flaw in Docker's Ask Gordon AI that allowed attackers to execute code and steal sensitive data. The vulnerability, called DockerDash, exploited unverified metadata in Docker images, which the AI treated as executable commands. Docker has fixed the issue in version 4.50.0.
Researchers assessed AI models' ability to exploit smart contracts, revealing the potential for significant financial harm. They developed a benchmark, SCONE-bench, that demonstrates AI's capacity to discover vulnerabilities and generate exploits, emphasizing the need for proactive defenses.
Security researchers found serious vulnerabilities in Ollama and NVIDIA Triton Inference Server that could allow remote code execution. Although these flaws have been patched, they highlight growing security concerns around AI infrastructure and the shift in focus from model exploitation to infrastructure vulnerabilities.