Sysdig's Threat Research Team discovered a malware campaign that exploited misconfigured instances of Open WebUI to deploy malicious, AI-generated payloads targeting Linux and Windows systems.
The attacker uploaded a malicious Python script through Open WebUI's plugin system; the script's obfuscation techniques were indicative of AI-generated code.
The malware mined cryptocurrency on Linux systems and included components for credential theft, sandbox evasion, and hardware discovery on Windows systems.
Sysdig's runtime threat detection identified the threat in real time, using YARA rules, behavioral detections, and threat intelligence to flag the suspicious activity.