Malicious campaign targets popular OpenWebUI AI interface to mine crypty and steal credentials

Cybernews researchers uncovered numerous OpenWebUI instances that were silently running malware.
Compare the Cloud

Open-Source AI Servers Hijacked with Cryptominers and Infostealers for Over a Year

Researchers found 98 OpenWebUI instances where authentication was turned off entirely and over 2,000 servers that allowed anyone to register an account. A malware operation has been hijacking AI ...
Mashable

Discord delays age verification rollout after privacy backlash

Co-founder Stanislav Vishnevskiy addressed misgivings about Discord's age verification system in a blog posted on Tuesday, attempting to reassure worried users. "In hindsight, we should have provided ...

Trivy vulnerability scanner breach pushed infostealer via GitHub Actions

The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed ...
Krebs on Security

How AI Assistants are Moving the Security Goalposts

AI-based assistants or “agents” — autonomous programs that have access to the user’s computer, files, online services and can automate virtually any task — are growing in popularity with developers ...
Cybernews

Malicious campaign targeting vulnerable OpenWebUI servers: technical analysis

During an investigation into exposed OpenWebUI servers, the Cybernews research team identified a malicious campaign targeting vulnerable OpenWebUI servers with cryptocurrency miners and Info Stealers.