An unprivileged process inside a CUDA container can gain arbitrary read/write to every byte of VRAM on a shared GPU — model theft, model poisoning, private inference data exposure. No special permissions, no kernel exploits, invisible to endpoint security. This is GPUBreach: Lateral Movement, Collection, and Impact.
Before the full GPUBreach paper was published, the Stealthium security team traced the vulnerable path in NVIDIA's open-source kernel modules, confirmed the overflow dimensions with an instrumented kernel build, and had detection in place. This post documents that analysis.
When compiling a CUDA program, nvcc creates something more complex than a simple executable. This post explores the internals of CUDA's fatbin format — the multi-architecture binary container that makes 'compile once, run anywhere' possible, and the security implications hiding in plain sight.
NVML is the industry standard for GPU monitoring, but at production scale its per-call overhead compounds fast. Stealthium GPU Monitor is our answer: a monitoring layer we built and own, designed for deep observability with faster startup, lower memory footprint, and richer data than NVML in most cases.
The US government has committed $500 billion to AI infrastructure. Enterprises are dropping eight figures on H100 clusters. And not one of them has a tool that tells them what is actually executing inside those accelerators at runtime.
Enterprises are deploying AI workloads with zero GPU-level security visibility, caught in a dangerous shared responsibility blind spot. Cloud providers secure the infrastructure—but what runs inside your GPU allocation has always been your responsibility.
As artificial intelligence infrastructure scales across enterprises and public sector organizations, security, transparency, and compliance have become critical operating requirements. Modern AI environments are highly distributed, GPU-accelerated, and often shared across multiple tenants, yet visibility and runtime protection at the GPU layer remain limited.
The AI revolution is happening whether you're on board or not, and that means something you're doing requires GPUs, probably something business critical. And when NVIDIA's kernel modules leaked two privilege-escalation vulnerabilities this fall, most organizations learned about GPU attack surfaces the hard way—through CVE notices rather than telemetry.