Researchers Identify Over 20 Supply Chain Vulnerabilities in MLOps Platforms

August 26, 2024 at 07:30AM Cybersecurity researchers have identified over 20 vulnerabilities in the machine learning (ML) software supply chain, posing severe risks such as arbitrary code execution and dataset loading. These affect MLOps platforms and ML libraries such as MLflow and Seldon Core, enabling attackers to execute code and move laterally. The disclosure emphasizes the need for …

Protect AI Raises $60 Million in Series B Funding

August 2, 2024 at 08:12AM Protect AI, an AI and ML security firm, raised $60 million in Series B funding, bringing its total raised to $108.5 million. The investment, led by Evolution Equity Partners, will support its AI Security Posture Management platform, expansion of sales and customer support, R&D, and the hiring of 50 more specialists. The …

New Attack Technique ‘Sleepy Pickle’ Targets Machine Learning Models

June 13, 2024 at 10:25AM A newly disclosed attack method called Sleepy Pickle poses a significant security risk to machine learning (ML) models. The attack targets ML models by tampering with the Pickle serialization format, allowing payloads to be inserted that modify model behavior and output. It is recommended to load models only from trusted …

Cloudflare Introduces AI Security Solutions

March 5, 2024 at 11:06AM Cloudflare announced new security products leveraging AI, including an AI assistant for faster identification of anomalies and cyberattacks. The assistant uses Cloudflare’s Workers AI to generate charts based on customer queries. Cloudflare also introduced Defensive AI to improve threat protection. Additional AI-based solutions for protecting APIs and identifying cyberattacks were also …

Prompt Security Launches With AI Protection for the Enterprise

January 24, 2024 at 10:05AM Prompt Security launched a solution that uses AI to secure companies’ AI products, preventing prompt injection and jailbreaks. Its approach also aims to prevent accidental exposure of sensitive data to tools like ChatGPT. Recognizing the potential risks of generative AI adoption, Prompt Security offers protection by inspecting prompts and model responses, …

Adapting Security to Protect AI/ML Systems

January 10, 2024 at 01:09PM AI/ML libraries enlarge attack surfaces, requiring advanced security measures beyond traditional IT capabilities. The key takeaway is that AI/ML libraries create larger attack surfaces, and traditional IT security lacks some of the capabilities essential to protecting them effectively.

Unpatched Critical Vulnerabilities Open AI Models to Takeover

November 28, 2023 at 03:53AM Researchers have discovered multiple critical vulnerabilities in the infrastructure used to build and serve AI models, exposing companies to risk as they adopt AI technology. The affected platforms include Ray, MLflow, ModelDB, and H2O version 3. The vulnerabilities could allow attackers unauthorized access to AI models and the surrounding network. Companies must prioritize security …