Vulnerability in popular AI developer could \u2018shut down essentially everything you own\u2019 | CyberScoop<\/title> <meta name=\"description\" content=\"The flaw in Lightning.AI\u2019s platform, which has been patched, would have given root access to an attacker and broad control over a victim\u2019s cloud-based studio and connected systems.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/lightningai-vulnerability-noma-cloud-phishing\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"Vulnerability in popular AI developer could \u2018shut down essentially everything you own\u2019 \"> <meta property=\"og:description\" content=\"The flaw in Lightning.AI\u2019s platform, which has been patched, would have given root access to an attacker and broad control over a victim\u2019s cloud-based studio and connected systems.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/lightningai-vulnerability-noma-cloud-phishing\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:published_time\" content=\"2025-01-29T15:29:45+00:00\"> <meta property=\"article:modified_time\" content=\"2025-01-29T15:37:21+00:00\"> <meta name=\"author\" content=\"djohnson\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/01\/vulnerability-in-popular-ai-developer-could-shut-down-essentially-everything-you-own-2.jpg\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1732206022g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress\/dist\/css\/related-posts-block-styles.min.css?m=1736472017g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1737070850g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=cc5cb8dd0a9ba2b865c4\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" title=\"JSON\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/83314\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.7.1\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=83314\">\n<link rel=\"alternate\" title=\"oEmbed (JSON)\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Flightningai-vulnerability-noma-cloud-phishing%2F\">\n<link rel=\"alternate\" title=\"oEmbed (XML)\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Flightningai-vulnerability-noma-cloud-phishing%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"post-template-default single single-post postid-83314 single-format-standard\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/lightningai-vulnerability-noma-cloud-phishing\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--event js-stickybar\">\n<div class=\"stickybar__details\" readability=\"5.12\">\n<div class=\"stickybar__info js-sticky-bar-content\" readability=\"32\">\n<p>Nominations can be submitted for the 2025 CyberScoop 50 awards!<\/p>\n<\/div>\n<p> <a class=\"stickybar__link button button-tertiary\" href=\"https:\/\/cyberscoop.com\/cyberscoop50\/\">Click here!<\/a> <\/div>\n<p> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"26.777372262774\">\n<div class=\"single-article__header-content\" readability=\"36.553911205074\">\n<p> The flaw in Lightning.AI\u2019s platform, which has been patched, would have given root access to an attacker and broad control over a victim\u2019s cloud-based studio and connected systems. <\/p>\n<p>  <br \/>\n<audio id=\"audio-player\" src=\"https:\/\/wp-tts-cdn.api.scpnewsgrp.com\/cyberscoop\/83314\/english.openai.mp3\"><\/audio> <\/p>\n<div readability=\"11\">\n<div>\n<p>Listen to this article<\/p>\n<p>  <\/p>\n<p>0:00<\/p>\n<\/p><\/div>\n<p>  <\/p>\n<p> <span id=\"tts-tooltip\">Learn more.<\/span> <span> This feature uses an automated voice, which may result in occasional errors in pronunciation, tone, or sentiment. <\/span> <\/p>\n<\/div>\n<p>  <\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"410\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/01\/vulnerability-in-popular-ai-developer-could-shut-down-essentially-everything-you-own.jpg?resize=640%2C410&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/01\/vulnerability-in-popular-ai-developer-could-shut-down-essentially-everything-you-own-2.jpg 5133w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/01\/vulnerability-in-popular-ai-developer-could-shut-down-essentially-everything-you-own-2.jpg?resize=300,192 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/01\/vulnerability-in-popular-ai-developer-could-shut-down-essentially-everything-you-own-2.jpg?resize=768,492 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/01\/vulnerability-in-popular-ai-developer-could-shut-down-essentially-everything-you-own-2.jpg?resize=1024,656 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/01\/vulnerability-in-popular-ai-developer-could-shut-down-essentially-everything-you-own-2.jpg?resize=1536,984 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/01\/vulnerability-in-popular-ai-developer-could-shut-down-essentially-everything-you-own-2.jpg?resize=2048,1312 2048w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/01\/vulnerability-in-popular-ai-developer-could-shut-down-essentially-everything-you-own-2.jpg?resize=600,384 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/01\/vulnerability-in-popular-ai-developer-could-shut-down-essentially-everything-you-own-2.jpg?resize=262,168 262w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/01\/vulnerability-in-popular-ai-developer-could-shut-down-essentially-everything-you-own-2.jpg?resize=526,337 526w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/01\/vulnerability-in-popular-ai-developer-could-shut-down-essentially-everything-you-own-2.jpg?resize=1054,675 1054w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/01\/vulnerability-in-popular-ai-developer-could-shut-down-essentially-everything-you-own-2.jpg?resize=1316,843 1316w\" sizes=\"(max-width: 1054px) 100vw, 1054px\"><figcaption> A flaw in Lightning.AI\u2019s platform, which has been patched, would have given root access to an attacker and broad control over a victim\u2019s cloud-based studio and connected systems. (Image Source: Getty Images) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"45.811816939891\"><body readability=\"92.064241486068\"><\/p>\n<p>A popular platform for developing AI systems has patched an easily exploitable vulnerability that would have given an attacker remote code execution privileges.<\/p>\n<p>Researchers at application security firm Noma <a href=\"https:\/\/noma.security\/noma-research-discovers-rce-vulnerability-in-ai-development-platform-lightning-ai\/\">detail<\/a> how the flaw, embedded in Javascript code for Lightning.AI\u2019s development platform, could be manipulated to give an attacker virtually unfettered access to a user\u2019s cloud studio, as well as the ability to execute arbitrary code, exfiltrate sensitive data and create, modify or delete files.<\/p>\n<p>Noma researchers spotted a hidden parameter in the URL of the JavaScript code used in Lightning.AI\u2019s software called \u201ccommand.\u201d By manipulating the command\u2019s placement in the URL, an attacker can create malicious phishing links for specific victims and studios.<\/p>\n<p>According to Noma, the vulnerability was discovered Oct. 14, 2024, and researchers began engaging with representatives from Lightning.AI over Discord the same day. A patch was developed and implemented by Oct. 25.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Gal Moyal, who works in the office of Noma\u2019s chief technology officer, told CyberScoop that the vulnerability carries a CVSS severity rating of 9.4 and offers \u201croot access with the \u2026 highest privileges there\u201d are. A spokesperson for Noma told CyberScoop that a formal CVE ID was not requested for the flaw.<\/p>\n<p>That level of access could have also threatened the security of other systems or subsystems that connect to a victim\u2019s cloud studio, and potentially allow an attacker to move laterally to other systems. The command vulnerability could also be used to access the account\u2019s AWS cloud metadata, potentially giving an attacker access to sensitive data, access tokens and user information.<\/p>\n<p>\u201cThis is an example of a vulnerability which \u2026 can shut down essentially everything you own,\u201d Moyal said. \u201cThis is every secret that you own; your AWS account, your platform within Lightning.AI, anything that was connected to Lightning.AI can now be used by a malicious actor to their want.\u201d<\/p>\n<p>Moyal said the inclusion of the hidden parameter was either a mistake that someone forgot to delete from the JavaScript code or a design flaw.<\/p>\n<p>A spokesperson for Lightning.AI told CyberScoop that they do not have any evidence of the bug being exploited in the wild by malicious parties and have put additional security protections in place in addition to patching.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>\u201cOur security review confirmed no unauthorized access occurred before the fix,\u201d the spokesperson said in an email. \u201cBeyond patching, we strengthened input validation, tightened access controls, and reinforced internal security protocols to prevent similar risks.\u201d<\/p>\n<p>Lightning.AI (formerly Grid.AI) was founded in 2019 and has since become a widely used platform for developers to collaborate and build cloud-based AI systems. The company is an AWS partner and <a href=\"https:\/\/www.prnewswire.com\/news-releases\/lightning-ai-raises-50m-to-simplify-and-scale-ai-development-for-enterprises-and-developers-302313164.html\">recently raised<\/a> $50 million in equity from companies like JPMorgan Chase, NVIDIA, Cisco Investments and K5 Global.<\/p>\n<p>The founders behind the company were also developers for PyTorch Lightning, a popular open-source tool that developers use to scale deep-learning AI systems that run on distributed hardware. The tool\u2019s <a href=\"https:\/\/github.com\/lightning-ai\">GitHub page<\/a> has more than 28,000 stars and has been forked more than 3,400 times. <\/p>\n<p>In an interview with TechCrunch in November 2024, co-founder William Falcon <a href=\"https:\/\/techcrunch.com\/2025\/01\/20\/deepseek-claims-its-reasoning-model-beats-openais-o1-on-certain-benchmarks\/\">claimed<\/a> that NVIDIA\u2019s suite of NeMo large language models and Stability.AI\u2019s Stable Diffusion tool were trained or built using Lightning.AI tools.<\/p>\n<p>Moyal said the vulnerability is an example of how the rush to adopt emerging AI products could leave businesses more vulnerable to critical flaws like the one Noma found.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>\u201cWe are in an AI world where everything is fast paced,\u201d he said. \u201cThere is very high, accelerated adoption of AI, and right now, I feel like this is a very fertile ground for mistakes and bugs.\u201d<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"3.7980582524272\">\n<div class=\"author-card\" readability=\"13\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/01\/vulnerability-in-popular-ai-developer-could-shut-down-essentially-everything-you-own-1.jpg?w=640&ssl=1\" alt=\"Derek B. Johnson\"> <\/figure>\n<\/p><\/div>\n<p><h4 class=\"author-card__name\">Written by Derek B. Johnson<\/h4>\n<p> Derek B. Johnson is a reporter at CyberScoop, where his beat includes cybersecurity, elections and the federal government. Prior to that, he has provided award-winning coverage of cybersecurity news across the public and private sectors for various publications since 2017. Derek has a bachelor\u2019s degree in print journalism from Hofstra University in New York and a master\u2019s degree in public policy from George Mason University in Virginia. <\/p>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Geopolitics<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/lightningai-vulnerability-noma-cloud-phishing\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Vulnerability in popular AI developer could \u2018shut down essentially everything<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[235,634,78,256,310,49],"tags":[236,635,86,262,311,57],"class_list":["post-7124","post","type-post","status-publish","format-standard","hentry","category-ai","category-cloud","category-cybersecurity","category-research","category-technology","category-threat-intelligence","tag-ai","tag-cloud","tag-cybersecurity","tag-research","tag-technology","tag-threat-intelligence"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/ai\/\" rel=\"category tag\">AI<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cloud\/\" rel=\"category tag\">Cloud<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity\/\" rel=\"category tag\">Cybersecurity<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/research\/\" rel=\"category tag\">Research<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/technology\/\" rel=\"category tag\">Technology<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/threat-intelligence\/\" rel=\"category tag\">Threat Intelligence<\/a>","tag_info":"Threat Intelligence","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/7124","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=7124"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/7124\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=7124"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=7124"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=7124"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":7124,"date":"2025-01-29T09:29:45","date_gmt":"2025-01-29T15:29:45","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=83314"},"modified":"2025-01-29T09:29:45","modified_gmt":"2025-01-29T15:29:45","slug":"vulnerability-in-popular-ai-developer-could-shut-down-essentially-everything-you-own","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2025\/01\/29\/vulnerability-in-popular-ai-developer-could-shut-down-essentially-everything-you-own\/","title":{"rendered":"Vulnerability in popular AI developer could \u2018shut down essentially everything you own\u2019\u00a0"},"content":{"rendered":"