Skip to main content

Tag: model poisoning

5 articles

Eerie library with robotic face mask surrounded by broken devices and tangled wires.

Popular Python libraries: Stunning Hugging Face danger

Think twice before blindly loading Hugging Face models: researchers found attackers can hide executable Python code in file metadata and malformed pickles so a downloaded model can automatically run malicious payloads. With major libraries and millions of downloads affected, this stealthy supply‑chain trick puts countless projects and machines at risk.

Analyst 207
Person in suit reaches out to touch ominous laptop screen displaying swirling code.

AI Browsers Exclusive: Security Leaders Call Risky

Before you roll out agentic browsers, pause—security leaders warn these AI-powered tools can trade productivity for stealthy new attack surfaces. With embedded models, persistent state and plugins able to act for users, CISOs are being urged to block or tightly control them until hardened safeguards arrive.

Analyst 207
PickleScan Exclusive: Critical Flaws Rock AI Supply Chains

PickleScan Exclusive: Critical Flaws Rock AI Supply Chains

Researchers disclosed three critical PickleScan zero-days that let attackers stealthily swap or tamper with local AI models—injecting misinformation, bias, or even exfiltrating data from Python/PyTorch model runners. Exploitable via drive-by browser-origin attacks against assumed-safe local admin endpoints, these flaws show how our trusted AI tooling can become the weakest link in the supply chain.

Analyst 207
Dark cityscape with ominous robotic head emerging from shadows, glowing red eyes, and faint laptop screen in background.

Gemini AI Exclusive: Dangerous Thinking Robot Malware

What if the AI meant to amplify our thinking could be turned into thinking robot malware that rewrites itself to hide from defenders? New research shows attackers chaining prompt- and log-injection tricks to weaponize Gemini into self-modifying, persistent surveillance agents that sidestep many standard safeguards.

Analyst 207
exposed Ollama servers: Risky Must-Have Security Fix

exposed Ollama servers: Risky Must-Have Security Fix

Cisco Talos found 1,100+ publicly exposed Ollama servers, creating easy paths for data theft, malicious model swaps, and other abuse. It’s a wake-up call to fix misconfigurations, enforce authentication, and make secure defaults the norm.

Analyst 207