Techly NewsGet the app

Get the latest tech news

SAPwned: SAP AI vulnerabilities expose customers' cloud environments and privat


Wiz Research uncovers vulnerabilities in SAP AI Core, allowing malicious actors to take over the service and access customer data.

A common problem with EFS instances is their default configuration as public – meaning credentials aren’t needed to view or edit files, as long as you have network access to their NFS ports. Listing files stored on these EFS instances has revealed mass amounts of AI data, including code and training datasets, categorized by customer ID: Partial file list from two EFS shares; each folder represents a different customer ID Our most interesting finding on the network was a service named Tiller, which is the server component of the Helm package manager (in version 2).

Get the Android app

Or read this on Hacker News

Read more on:

Photo of Customers

Customers

Photo of cloud environments

cloud environments

Photo of privat

privat

Related news:

News photo

Kaspersky gives US customers six months of free updates as a parting gift

News photo

Rite Aid Says Breach Exposes Sensitive Details of 2.2 Million Customers

News photo

Big Music reprises classic hit 'ISPs need to stop their customers torrenting or we'll sue'

« Closed form arc length parametrization is impossible for quadratic Bézier curves
The 10th-gen iPad is matching its best price to date for Prime Day »