Slash Boxes

SoylentNews is people

Submission Preview

Link to Story

HuggingFace AI exposing multiple backdoors to users machines

Accepted submission by bmimatt at 2024-02-29 20:57:26 from the no-sec-in-ai dept.
Security []

At least 100 instances of malicious AI ML models were found on the Hugging Face platform, some of which can execute code on the victim's machine, giving attackers a persistent backdoor.
The analysts deployed a HoneyPot to attract and analyze the activity to determine the operators' real intentions but were unable to capture any commands during the period of the established connectivity (in one day).

Original Submission