Malicious Hugging Face Models Could Trigger Remote Code Execution

A flaw in Hugging Face Transformers could allow malicious AI models to execute code, exposing credentials and highlighting AI ...
CSOonline

Attackers hide malicious code in Hugging Face AI model Pickle files

The popular Python Pickle serialization format, which is common for distributing AI models, offers ways for attackers to inject malicious code that will be executed on computers when loading models ...
CSO Online

Hugging Face Transformers RCE flaw enables stealthy compromise via AI model configs

With over 2.2 billion installs, the flawed Python package offers attackers a huge blast radius, including silent access to ...
Dark Reading

Open Source AI Models: Perfect Storm for Malicious Code, Vulnerabilities

Attackers are finding more and more ways to post malicious projects to Hugging Face and other repositories for open source artificial intelligence (AI) models, while dodging the sites' security checks ...
Infosecurity-magazine.com

Malicious AI Models on Hugging Face Exploit Novel Attack Technique

Researchers at Reversing Labs have discovered two malicious machine learning (ML) models available on Hugging Face, the leading hub for sharing AI models and applications. While these models contain ...
techtimes

Bluesky Open API: Data Scrapers May Access Firehouse for AI Training, as Demoed by Hugging Face

Too much of a good thing can be bad, and that is what is happening over at Bluesky which is now facing criticisms because of its renowned 'open API' called Firehouse, as almost anyone can take data ...
InfoQ

Hugging Face Introduces AI Sheets, a No-Code Tool for Dataset Transformation

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...