- European cloud group invests to create what it dubs “Trump-proof cloud services”
- The OnePlus 12 is still a powerhouse in 2025 - and it's on sale for a limited time
- The 110+ best Amazon Spring Sale tech deals still live
- OpenAI Seeks Feedback About Open Model That Will Be Revealed ‘In the Coming Months’
- Roundup: AMD closes ZT Systems and teams with Rapt for AI development; bands with Oracle
SAP security holes raise questions about the rush to AI
“As AI infrastructure is fast becoming a staple of many business environments, the implications of these attacks are becoming more and more significant. The AI training process requires access to vast amounts of sensitive customer data, which turns AI training services into attractive targets for attackers. SAP AI Core offers integrations with S/4HANA and other cloud services, to access customers’ internal data via cloud access keys. These credentials are highly sensitive.”
Alarming holes
Given how widely deployed SAP systems are within enterprises, and how integrated SAP is with so many other enterprise-level applications and cloud environments, Wiz said the holes were especially alarming.
“By executing arbitrary code, we were able move laterally and take over the service – gaining access to customers’ private files, along with credentials to customers’ cloud environments: AWS, Azure, SAP S/4HANA Cloud, and more,” the report said. “The vulnerabilities we found could have allowed attackers to access customers’ data and contaminate internal artifacts – spreading to related services and other customers’ environments.”
