Pluto Security Inc. today disclosed a critical remote code execution vulnerability in Hugging Face Inc.’s Transformers library that allowed attacker-controlled artificial intelligence models to run ...
A flaw in Hugging Face Transformers could allow malicious AI models to execute code, exposing credentials and highlighting AI supply chain risks. Organizations using vulnerable versions of the Hugging ...
Researchers have discovered about 100 machine learning (ML) models that have been uploaded to the Hugging Face artificial intelligence (AI) platform and potentially enable attackers to inject ...
The repository reached the #1 trending position on Hugging Face within 18 hours, highlighting how public AI repositories are becoming a new software supply chain attack vector. A malicious Hugging ...
The popular Python Pickle serialization format, which is common for distributing AI models, offers ways for attackers to inject malicious code that will be executed on computers when loading models ...
Researchers at Reversing Labs have discovered two malicious machine learning (ML) models available on Hugging Face, the leading hub for sharing AI models and applications. While these models contain ...