New Hugging Face Vulnerability Exposes AI Models to Supply Chain Attacks

5 months ago [email protected] (The Hacker News)
New Hugging Face Vulnerability Exposes AI Models to Supply Chain Attacks


Cybersecurity researchers have found that it’s possible to compromise the Hugging Face Safetensors conversion service to ultimately hijack the models submitted by users and result in supply chain attacks.
“It’s possible to send malicious pull requests with attacker-controlled data from the Hugging Face service to any repository on the platform, as well as hijack any models that are submitted

The post “New Hugging Face Vulnerability Exposes AI Models to Supply Chain Attacks” appeared first on The Hacker News

Source:The Hacker News – [email protected] (The Hacker News)

Tags: ,

More Stories

French Authorities Launch Operation to Remove PlugX Malware from Infected Systems

3 hours ago [email protected] (The Hacker News)

Malicious PyPI Package Targets macOS to Steal Google Cloud Credentials

3 hours ago [email protected] (The Hacker News)

This AI-Powered Cybercrime Service Bundles Phishing Kits with Malicious Android Apps

20 hours ago [email protected] (The Hacker News)

Offensive AI: The Sine Qua Non of Cybersecurity

22 hours ago [email protected] (The Hacker News)

U.S. DoJ Indicts North Korean Hacker for Ransomware Attacks on Hospitals

1 day ago [email protected] (The Hacker News)

Ongoing Cyberattack Targets Exposed Selenium Grid Services for Crypto Mining

1 day ago [email protected] (The Hacker News)