The Hacker News

Picklescan Bugs Allow Malicious PyTorch Models to Evade Scans and Execute Code

Picklescan flaws allowed attackers to bypass scans and execute hidden code in malicious PyTorch models before the latest ...
Infosecurity Magazine

Critical PickleScan Vulnerabilities Expose AI Model Supply Chains

Three critical zero-day vulnerabilities affecting PickleScan, a widely used tool for scanning Python pickle files and PyTorch ...
Dark Reading

'Sleepy Pickle' Exploit Subtly Poisons ML Models

Researchers have concocted a new way of manipulating machine learning (ML) models by injecting malicious code into the process of serialization. The method focuses on the "pickling" process used to ...
Dark Reading

Hugging Face AI Platform Riddled With 100 Malicious Code-Execution Models

Researchers have discovered about 100 machine learning (ML) models that have been uploaded to the Hugging Face artificial intelligence (AI) platform and potentially enable attackers to inject ...
heise online

Hugging Face: Malicious ML models uncovered on development platform

IT researchers have discovered malicious ML models on the Hugging Face AI development platform. Attackers could use them to infiltrate commands. IT researchers have discovered maliciously manipulated ...