CyberSecurity news
FlagThis - #nvidia
|
@blogs.nvidia.com
//
Nvidia is currently facing pressure from the U.S. government regarding AI GPU export rules. CEO Jensen Huang has been advocating for the Trump administration to relax these restrictions, arguing they hinder American companies' ability to compete in the global market. Huang stated at the Hill and Valley Forum that China is not far behind the U.S. in AI capabilities, emphasizing the need to accelerate the diffusion of American AI technology worldwide. He also acknowledged Huawei's progress in computing, networking, and software, noting their development of the CloudMatrix 384 system. This system, powered by Ascend 910C accelerators, is considered competitive with Nvidia's GB200 NVL72, signaling the emergence of domestic alternatives in China.
Despite Nvidia's pleas, the Trump administration is considering tighter controls on AI GPU exports. The administration plans to use chip access as leverage in trade negotiations with other nations. This approach contrasts with Nvidia's view that restricting exports will only fuel the development of competing hardware and software in countries like China. According to the AI Diffusion framework, access to advanced AI chips like Nvidia’s H100 is only unrestricted for companies based in the U.S. and "Tier 1" nations, while those in "Tier 2" nations face annual limits and "Tier 3" countries are effectively barred. Adding to the complexity, Nvidia is also engaged in a public dispute with AI startup Anthropic over the export restrictions. Anthropic has endorsed the Biden-era "AI Diffusion Rule" and has claimed there has been chip smuggling to China. An Nvidia spokesperson dismissed Anthropic's claims about chip smuggling tactics as "tall tales," arguing that American firms should focus on innovation instead of trying to manipulate policy for competitive advantage. As the May 15th export controls deadline approaches, the tensions continue to rise within the AI industry over the balance between national security, economic prosperity, and global competitiveness.
Share:
References :
Classification:
@cyberpress.org
//
NVIDIA has issued a critical security update for its TensorRT-LLM framework to address a high-severity vulnerability, identified as CVE-2025-23254. This flaw poses significant risks, potentially leading to remote code execution, data tampering, and information disclosure. All platforms and versions of TensorRT-LLM prior to 0.18.2 are affected, making this update essential for users to safeguard their systems against potential attacks. The vulnerability resides in the Python executor component of TensorRT-LLM and stems from insecure handling of Inter-Process Communication (IPC).
The specific weakness lies in the Python pickle module's utilization for serialization and deserialization within the socket-based IPC system. An attacker with local access to the TRTLLM server could exploit this by injecting malicious code, gaining unauthorized access to sensitive data, or manipulating existing data. NVIDIA has assigned a CVSS base score of 8.8 to this vulnerability, classifying it as high severity, with the underlying technical risk categorized as "Deserialization of Untrusted Data" (CWE-502). Avi Lumelsky of Oligo Security is credited with responsibly reporting the vulnerability. To mitigate this threat, NVIDIA has implemented HMAC (Hash-Based Message Authentication Code) encryption by default for all socket-based IPC operations in both the main and release branches of TensorRT-LLM. This security enhancement ensures the integrity and authenticity of serialized data exchanged between processes, preventing unauthorized code execution. NVIDIA strongly advises users not to disable this encryption feature, as doing so would reintroduce the vulnerability and leave systems vulnerable to potential attacks. Users are urged to immediately update to TensorRT-LLM version 0.18.2 or later to fully address the identified risks.
Share:
References :
Classification:
@blogs.nvidia.com
//
Oracle Cloud Infrastructure (OCI) is now deploying thousands of NVIDIA Blackwell GPUs to power agentic AI and reasoning models. OCI has stood up and optimized its first wave of liquid-cooled NVIDIA GB200 NVL72 racks in its data centers, enabling customers to develop and run next-generation AI agents. The NVIDIA GB200 NVL72 platform is a rack-scale system combining 36 NVIDIA Grace CPUs and 72 NVIDIA Blackwell GPUs, delivering performance and energy efficiency for agentic AI powered by advanced AI reasoning models. Oracle aims to build one of the world's largest Blackwell clusters, with OCI Superclusters scaling beyond 100,000 NVIDIA Blackwell GPUs to meet the growing demand for accelerated computing.
This deployment includes high-speed NVIDIA Quantum-2 InfiniBand and NVIDIA Spectrum-X Ethernet networking for scalable, low-latency performance, along with software and database integrations from NVIDIA and OCI. OCI is among the first to deploy NVIDIA GB200 NVL72 systems, and this deployment marks a transformation of cloud data centers into AI factories. These AI factories are designed to manufacture intelligence at scale, leveraging the NVIDIA GB200 NVL72 platform. OCI offers flexible deployment options to bring Blackwell to customers across public, government, and sovereign clouds, as well as customer-owned data centers. These new racks are the first systems available from NVIDIA DGX Cloud, an optimized platform with software, services, and technical support for developing and deploying AI workloads on clouds. NVIDIA will utilize these racks for various projects, including training reasoning models, autonomous vehicle development, accelerating chip design and manufacturing, and developing AI tools. In related cybersecurity news, Cisco Foundation AI has released its first open-source security model, Llama-3.1-FoundationAI-SecurityLLM-base-8B, designed to improve response time, expand capacity, and proactively reduce risk in security operations.
Share:
References :
Classification:
|