Search AI Products and News

Recently, cybersecurity researchers discovered two malicious machine learning models that were uploaded quietly to the renowned machine learning platform HuggingFace. These models utilized a novel technique, successfully bypassing security detection through 'corrupted' pickle files, raising concerns. Karlo Zanki, a researcher at ReversingLabs, pointed out that the beginning of the pickle files extracted from these PyTorch format archives suggests that

Researchers have discovered approximately 100 malicious machine learning models on the Hugging Face AI platform that could allow attackers to inject harmful code onto user machines. These malicious AI models exploit methods like PyTorch to execute harmful code, increasing security risks. AI developers should use new tools like Huntr to enhance the security of AI models. The identified malicious models highlight the risks that malicious AI models pose to user environments, necessitating ongoing vigilance and enhanced security.

Research from the UK reveals that ChatGPT could be used to generate malicious code. Several commercial AI tools have security vulnerabilities that could endanger database security. Researchers warn that the potential risks require attention. Some companies have adopted recommendations to fix security flaws, but there is still a need to strengthen cybersecurity strategies.

{1: IBM Research found that large language models such as GPT-4 can be easily deceived to generate malicious code or provide false security recommendations. 2: Researchers discovered that a basic understanding of English and some background knowledge about the model's training data is sufficient to easily deceive AI chatbots. 3: Different AI models vary in their susceptibility to deception, with GPT-3.5 and GPT-4 being more easily tricked.}