New Hugging Face Vulnerability Exposes AI Models to Supply Chain Attacks

February 27, 2024 at 05:45AM

Cybersecurity researchers discovered a vulnerability in the Hugging Face Safetensors conversion service, allowing malicious actors to hijack models submitted by users and conduct supply chain attacks. The attack could compromise repositories, leading to the theft of tokens and potential backdoor implantation. Another recent vulnerability in GPGPUs allowed data recovery from …