I'm a Security Researcher at Oligo Security. Currently working on securing AI Application infrastructure and uncovering key vulnerabilities in open-source AI projects.
ShadowRay 2.0 - AI Attacks AI: Self-Propagating Botnet Campaign
Discovery: Uncovered active global campaign where threat actors ("IronErn440") exploit CVE-2023-48022 in Ray to hijack AI compute clusters into a self-replicating botnet - the first documented use of AI to systematically attack AI infrastructure
Scale: 230,000+ Ray servers exposed globally (10x increase from original ShadowRay discovery) - potentially active since September 2024
Sophistication: DevOps-style infrastructure using GitLab/GitHub for region-aware malware delivery, LLM-generated payloads, CPU throttling at ~60% to evade detection, disguised processes masquerading as kernel workers
Capabilities: Multi-purpose botnet for cryptojacking, DDoS attacks, data exfiltration, and autonomous propagation across continents via OAST-based discovery
Discovery: Critical wormable zero-click remote code execution vulnerabilities in Apple's AirPlay protocol affecting billions of devices worldwide - no user interaction required for exploitation
Impact: Affects iPhones, iPads, Macs, Apple TVs, HomePods, and millions of third-party IoT devices (smart TVs, speakers, car infotainment systems). Enables autonomous worm-like propagation across networks
Pwn My Ride - CarPlay Attack Surface & Jailbreaking
Discovery: First comprehensive security analysis of Apple CarPlay revealing critical attack vectors enabling car jailbreaking and vehicle system compromise through infotainment interfaces
Impact: Demonstrates how CarPlay vulnerabilities can be chained to gain unauthorized access to vehicle systems, potentially affecting millions of CarPlay-enabled vehicles from major manufacturers
Significance: Pioneering research into automotive security via smartphone integration protocols - presented at DEF CON 33, one of the world's premier hacking conferences