Auto-GPT arbitrary code execution and docker escape: Researchers discovered a vulnerability in Auto-GPT that allowed attackers to execute arbitrary code by injecting prompts and manipulating the user approval process. They also found a method to escape the Auto-GPT docker image and gain access to th.. read more  

Developer automates the process of creating custom virtual machine images using the Azure Image Builder feature, eliminating the need for manual provisioning and configuration. This automation process involves defining resources in Azure, customizing the virtual machine image, and building the final.. read more  

A vulnerability in ServiceNow allows a low-privilege user to gain unauthorized full administrative access to the platform. By exploiting certain vulnerabilities, such as insecure access control and session token manipulation, an attacker can escalate their privileges from a standard user to an admin.. read more  

One is deploying an HPC embarrassingly parallel application in Azure Virtual Machine Scale Sets (VMSSs) and realized that (i) ssh into VM instances is possible even when they have not been fully provisioned and (ii) worker processes start before such provisioned state is reached. If you got into thi.. read more  

The Microsoft SQL Server has an undocumented design choice that allows it to bypass web application firewalls (WAFs) due to a lax attitude towards SQL parsers. This unorthodox design choice can potentially be exploited by hackers to bypass security protections provided by WAFs... read more  

Azure's MLPerf Training v3.0 submission showcased their ND H100 v5 virtual machine, featuring 8x NVIDIA H100 Tensor Core GPUs with advanced technologies like NVSwitch and NVLink 4.0, Quantum-2 CX7 InfiniBand, 4th Gen Intel Xeon Scalable processors, and high-speed interconnects. Replicating the resul.. read more  

IntroducingAzure OpenAI Service on your datain public preview—a groundbreaking feature that unlocks the power of OpenAI models, such as ChatGPT and GPT-4, with your own data... read more  

This CSI explains how to integrate security best practices into typical software development and operations (DevOps) Continuous Integration/Continuous Delivery (CI/CD) environments, without regard for the specific tools being adapted, and leverages several forms of government guidance to collect and.. read more  

Expenditure on cloud computing services reached$225 billion in 2022, prompting organizations to implement FinOps frameworks and address the root causes of rising costs, such as complex pricing, lack of understanding, and unpredictability. Specifically, the use of Kubernetes has contributed to cloud .. read more  

Reduce privilege and tighten IAM policy by identifying and removing unnecessary access keys, using IAM access advisor for service level adjustments, and considering alternative authentication solutions to minimize risk associated with AWS access keys... read more