New Hugging Face Vulnerability Exposes AI Models to Supply Chain Attacks

February 28, 2024

Cybersecurity researchers have found that it’s possible to compromise the Hugging Face Safetensors conversion service to ultimately hijack the models submitted by users and result in supply chain attacks.
“It’s possible to send malicious pull requests with attacker-controlled data from the Hugging Face service to any repository on the platform, as well as hijack any models that are submitted

Article posted by: https://thehackernews.com/2024/02/new-hugging-face-vulnerability-exposes.html
——————————————————————————————————————–
Infocerts, 5B 306 Riverside Greens, Panvel, Raigad 410206 Maharashtra, India
Contact us – https://www.infocerts.com

Open Whatsapp chat
Whatsapp Us
Chat with us for faster replies.