#shadowray — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #shadowray, aggregated by home.social.

  1.

    🔐 Identity (AI & Cloud-Native)

    Overview

    The article documents a shift in the enterprise attack surface: adversaries are increasingly targeting machine identities and service-level credentials rather than human accounts. Notable examples cited include VoidLink, which specializes in harvesting credentials, ShadowRay 2.0, which exploited an unauthenticated AI framework, and LangFlow, which retained service credentials and created a “master key” effect for connected services.

    Key findings and numbers
    • Machine identities outnumber human identities by an average ratio of 82:1 (Rubrik Zero Labs).
    • A Cloud Security Alliance survey found 44% of organizations authenticate AI agents with static API keys, while only 28% can trace agent actions back to the human who authorized them; nearly 80% cannot currently report what deployed AI agents are doing or who is responsible.
    • SPIFFE and SPIRE are presented as the primary industry response for workload identity: they issue short-lived, automatically rotating credentials tied to verified workload attributes, reducing the value of long-lived secrets.

    Where current systems fall short
    • The piece emphasizes that SPIFFE/SPIRE were designed for traditional workload interactions; they can mitigate lateral movement and make alerts attributable when workloads carry verifiable identities. However, these systems are less effective for modern autonomous AI agents that make decisions, delegate tasks, and often authenticate with static credentials.
    • The result is an expanding risk surface: AI agents and machine identities broaden potential impact from breaches because credentials often are created informally, rarely rotated, and lack centralized governance.

    Implications reported (factual)
    • Attackers are not primarily “breaking in” but are leveraging logged-in identities belonging to machines and services.
    • Short-lived workload credentials are described as an effective technical control against credential harvesting tactics used by malware like VoidLink.

    🔹 VoidLink #SPIFFE #LangFlow #ShadowRay #machineidentity

    🔗 Source: blogs.cisco.com/security/ident