AI Security Firm Shows How Threat Actors Could Abuse Google Gemini for Workspace

September 25, 2024 at 10:42AM

Google’s AI assistant Gemini is now available to millions of Workspace users, offering convenient features integrated into Gmail, Meet, and Drive. However, security firm HiddenLayer warns of potential risks, as indirect prompt injection flaws could lead to phishing and chatbot takeover attacks. While HiddenLayer reported these issues to Google, the …

Vulnerability in R Programming Language Could Fuel Supply Chain Attacks

April 30, 2024 at 10:16AM

AI security firm HiddenLayer warns that a vulnerability in the R programming language implementation (CVE-2024-27322, CVSS score 8.8) can be exploited by loading a malicious RDS file, allowing arbitrary code execution. This poses a risk of supply chain attacks, particularly within the R community. Patches for this vulnerability have been …

In the rush to build AI apps, please, please don’t leave security behind

March 17, 2024 at 07:08AM

AI developers and data scientists are urged to be mindful of security and supply-chain attacks amidst the relentless progress in AI technology. With a growing threat of malware in models and libraries, cybersecurity and AI startups are emerging to address the vulnerability. Ensuring supply-chain security in the AI community is …

Protect AI Releases 3 AI/ML Security Tools as Open Source

October 11, 2023 at 08:42AM

Protect AI, the maker of Huntr, a bug bounty program for open source software, has licensed three of its AI/ML security tools under the permissive Apache 2.0 terms. The first tool, NB Defense, helps protect machine learning projects in Jupyter Notebooks. The second tool, ModelScan, scans ML models for attacks …