Critical Bugs Put Hugging Face AI Platform in a ‘Pickle’

April 5, 2024 at 04:51PM

Two critical security vulnerabilities in the Hugging Face AI platform allowed attackers to access customer data and overwrite images in a shared container registry. Researchers at Wiz found weaknesses in Hugging Face’s Inference API, Endpoints, and Spaces. The vulnerabilities were exploited by uploading a Pickle-based model. Hugging Face has since …
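The attack vector named above, a Pickle-based model, works because unpickling can import arbitrary modules and call them. The defensive check a platform or a downstream user wants is to inspect a pickle before loading it. The following is an added example, not code from Wiz or Hugging Face: it walks the opcode stream with the standard library's `pickletools.genops`, which decodes opcodes and operands without building objects or importing anything, records every `module.name` that a `GLOBAL`, `STACK_GLOBAL` or `INST` opcode would import, and refuses to load if any module falls outside a hypothetical allowlist (`ALLOWED_MODULES` is constructed for this example; a real loader tunes it to its framework). The samples it inspects are also constructed here: a plain dict, an `OrderedDict` (the shape of a framework state dict) and a `datetime`, whose pickle imports `datetime.datetime` and calls it via `REDUCE`, so it is reported and refused.

```python
"""Static inspection of a pickle stream before anyone calls pickle.loads()."""
import pickle
import pickletools
from collections import OrderedDict
from datetime import datetime

# Hypothetical allowlist, constructed for this example: modules a model
# loader legitimately expects. Everything else is reported, never executed.
ALLOWED_MODULES = {"collections", "torch", "numpy", "numpy.core.multiarray"}

# Opcodes that invoke a Python callable during unpickling.
CALL_OPCODES = {"REDUCE", "INST", "OBJ", "NEWOBJ", "NEWOBJ_EX", "BUILD"}

# Opcodes whose operand is a str pushed on the stack (STACK_GLOBAL reads two).
STRING_OPCODES = {"UNICODE", "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8"}


def inspect_pickle(data: bytes) -> dict:
    """Report the globals a pickle would import and whether it may be loaded.

    genops only parses the byte stream; no object is constructed here.
    """
    globals_seen = []
    call_count = 0
    recent_strings = []  # string operands, consumed by STACK_GLOBAL
    for opcode, arg, _pos in pickletools.genops(data):
        if opcode.name in STRING_OPCODES:
            recent_strings.append(arg)
        elif opcode.name in ("GLOBAL", "INST"):
            # Protocols 0-3: one operand of the form "module qualname".
            module, _, qualname = arg.partition(" ")
            globals_seen.append((module, qualname))
        elif opcode.name == "STACK_GLOBAL":
            # Protocol 4+: module and qualname are the two strings pushed before.
            if len(recent_strings) < 2:
                raise ValueError("malformed STACK_GLOBAL: missing operands")
            globals_seen.append((recent_strings[-2], recent_strings[-1]))
        if opcode.name in CALL_OPCODES:
            call_count += 1
    disallowed = [g for g in globals_seen if g[0] not in ALLOWED_MODULES]
    return {
        "globals": globals_seen,
        "disallowed": disallowed,
        "call_opcodes": call_count,
        "safe": not disallowed,
    }


def load_if_safe(data: bytes):
    """Gate pickle.loads behind the inspection: refuse rather than load."""
    report = inspect_pickle(data)
    if not report["safe"]:
        raise ValueError(f"refusing pickle that imports {report['disallowed']}")
    return pickle.loads(data)


def refuses(data: bytes) -> bool:
    """True when load_if_safe rejects the stream (used for the demo below)."""
    try:
        load_if_safe(data)
    except ValueError:
        return True
    return False


def sample_pickles() -> dict:
    """Constructed inputs: the first two are allowed, the third is refused."""
    return {
        "plain dict": pickle.dumps({"w": [1.0, 2.0]}, protocol=4),
        "OrderedDict": pickle.dumps(OrderedDict(w=[1.0]), protocol=4),
        "datetime": pickle.dumps(datetime(2024, 4, 5), protocol=4),
    }


if __name__ == "__main__":
    for label, blob in sample_pickles().items():
        report = inspect_pickle(blob)
        print(f"{label:12} safe={report['safe']} globals={report['globals']} "
              f"calls={report['call_opcodes']} refused={refuses(blob)}")
```

The allowlist, not the presence of `REDUCE`, decides: the `OrderedDict` sample also calls a constructor during unpickling but only imports from `collections`, so it loads, while the `datetime` sample is rejected before `pickle.loads` ever runs. Formats that carry no code at all (for example safetensors) remove the problem rather than filter it, and are the better choice where a model does not need pickle.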