Malicious Hugging Face Models Could Trigger Remote Code Execution

A flaw in Hugging Face Transformers could allow malicious AI models to execute code, exposing credentials and highlighting AI ...
CSOonline

Attackers hide malicious code in Hugging Face AI model Pickle files

The popular Python Pickle serialization format, which is common for distributing AI models, offers ways for attackers to inject malicious code that will be executed on computers when loading models ...
CSO Online

Hugging Face Transformers RCE flaw enables stealthy compromise via AI model configs

With over 2.2 billion installs, the flawed Python package offers attackers a huge blast radius, including silent access to ...
Business Wire

Hugging Face and Protect AI Partner to Support Safe and Secure Usage of World’s Largest Repository of Open Source Machine Learning Models

SEATTLE & BROOKLYN, N.Y.--(BUSINESS WIRE)--Protect AI, the leading Artificial Intelligence (AI) and Machine Learning (ML) security company, and Hugging Face, the world's fastest growing community and ...
The Verge

Bluesky won’t use your posts for AI training, but can it stop anyone else?

Today, a Hugging Face employee published data from 1 million Bluesky posts scraped from its API to the AI repository. He’s removed it and apologized, but 404 Media notes the set was “trending” all day ...
InfoQ

Hugging Face Brings Open-Source LLMs to GitHub Copilot Chat in VS Code

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...