AI-as-a-Service Providers Vulnerable to PrivEsc and Cross-Tenant Attacks
April 5, 2024 at 10:39AM. New research has revealed that AI-as-a-service providers such as Hugging Face are vulnerable to attacks that let an attacker gain access to the private AI models and applications of other tenants. The findings highlight the risk of supply-chain attacks on machine-learning pipelines. Recommendations include using only trusted AI models, enabling multi-factor authentication, and avoiding pickle …
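The "avoid pickle" recommendation is worth seeing in code, because the reason is not obvious from the summary: a pickle file is a program for a small stack machine, and `pickle.load` executes whatever import-and-call instructions it contains before any model code runs. The following is an added example, not code from the article, from Hugging Face, or from the researchers; the model class, the constructed checkpoints, the environment-variable marker and the allowlist are all assumptions made for illustration. It shows a checkpoint that runs code on load, a static scan of the globals a pickle will import (the approach picklescan-style tools take), and an allowlisting unpickler that refuses it.

```python
"""Added example (not from the article, Hugging Face, or the researchers):
why "avoid pickle" is a supply-chain recommendation.  The model class,
checkpoints, marker variable and allowlist are constructed for illustration."""
import io
import os
import pickle
import pickletools

PAYLOAD_MARKER = "PICKLE_PAYLOAD_RAN"  # env var set by the payload instead of a shell


class MaliciousModel:
    """Pretends to be a model object; its pickle executes code on load."""

    def __reduce__(self):
        # Serialised as GLOBAL builtins.exec + REDUCE, so unpickling calls
        # exec(<string>) before the caller ever sees the returned object.
        return (exec, (f"import os; os.environ['{PAYLOAD_MARKER}'] = '1'",))


def build_malicious_checkpoint() -> bytes:
    """Constructed 'checkpoint' of the kind an attacker could upload to a hub."""
    return pickle.dumps({"weights": [0.1, 0.2], "model": MaliciousModel()})


def build_benign_checkpoint() -> bytes:
    """Constructed checkpoint containing only primitive Python types."""
    return pickle.dumps({"weights": [0.1, 0.2], "epoch": 3})


def unsafe_load_runs_payload(data: bytes) -> bool:
    """Demonstrates the problem: plain pickle.loads runs the payload."""
    os.environ.pop(PAYLOAD_MARKER, None)
    pickle.loads(data)  # never do this with a file you did not produce yourself
    return os.environ.get(PAYLOAD_MARKER) == "1"


_STRING_OPS = {"SHORT_BINUNICODE", "BINUNICODE", "BINUNICODE8", "UNICODE",
               "STRING", "BINSTRING", "SHORT_BINSTRING"}


def referenced_globals(data: bytes) -> list[tuple[str, str]]:
    """Static scan, no execution: every (module, name) the pickle will import.

    Protocol 0-3 pickles use GLOBAL "module name"; protocol 4+ push the two
    strings and emit STACK_GLOBAL.  Tracking the last two string opcodes is
    enough for pickles written by pickle.dumps; a hand-crafted pickle that
    fetches the names through memo lookups would need a fuller emulation.
    """
    found: list[tuple[str, str]] = []
    recent: list[str] = []
    for op, arg, _pos in pickletools.genops(data):
        if op.name == "GLOBAL":
            module, name = arg.split(" ", 1)
            found.append((module, name))
        elif op.name in _STRING_OPS:
            recent = (recent + [arg])[-2:]
        elif op.name == "STACK_GLOBAL" and len(recent) == 2:
            found.append((recent[0], recent[1]))
    return found


class RestrictedUnpickler(pickle.Unpickler):
    """Runtime guard: only allowlisted globals may be resolved."""

    # Constructed allowlist.  A real one names your framework's tensor-rebuild
    # helpers and nothing that can run code (no builtins.exec/eval,
    # os.system, subprocess.*, ...).
    ALLOWED = {("builtins", "set"), ("builtins", "frozenset"),
               ("collections", "OrderedDict")}

    def find_class(self, module, name):
        if (module, name) in self.ALLOWED:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"refusing to import {module}.{name}")


def safe_loads(data: bytes):
    """Load a checkpoint, refusing any global outside the allowlist."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


def load_is_refused(data: bytes) -> bool:
    """True if safe_loads rejected the pickle and the payload did not run."""
    os.environ.pop(PAYLOAD_MARKER, None)
    try:
        safe_loads(data)
    except pickle.UnpicklingError:
        return os.environ.get(PAYLOAD_MARKER) != "1"
    return False


if __name__ == "__main__":
    bad, good = build_malicious_checkpoint(), build_benign_checkpoint()
    print("benign globals:   ", referenced_globals(good))            # []
    print("malicious globals:", referenced_globals(bad))             # [('builtins', 'exec')]
    print("pickle.loads ran payload:", unsafe_load_runs_payload(bad))  # True
    print("safe_loads refused it:   ", load_is_refused(bad))          # True
    print("safe_loads(benign):      ", safe_loads(good))
```

The static scan is what to run at upload or download time, before anything is deserialised; the restricted unpickler is the last line of defence in the loading process itself. Neither replaces the advice in the summary: a format that cannot encode code at all (such as safetensors) removes the problem rather than filtering it.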