Vulnerability in R Programming Language Could Fuel Supply Chain Attacks

April 30, 2024 at 10:16 AM

AI security firm HiddenLayer warns that a vulnerability in the R programming language implementation (CVE-2024-27322, CVSS score 8.8) can be exploited by loading a malicious RDS file, allowing arbitrary code execution. This poses a risk of supply chain attacks, particularly within the R community. Patches for this vulnerability have been …

In the rush to build AI apps, please, please don’t leave security behind

March 17, 2024 at 07:08 AM

AI developers and data scientists are urged to keep security and supply-chain attacks in mind amid the relentless progress in AI technology. With the growing threat of malware hidden in models and libraries, cybersecurity and AI startups are emerging to address these risks. Ensuring supply-chain security in the AI community is …

Protect AI Releases 3 AI/ML Security Tools as Open Source

October 11, 2023 at 08:42 AM

Protect AI, the maker of Huntr, a bug bounty program for open source software, has licensed three of its AI/ML security tools under the permissive Apache 2.0 terms. The first tool, NB Defense, helps protect machine learning projects in Jupyter Notebooks. The second tool, ModelScan, scans ML models for attacks …