EN
  • Cyber stability
  • Secops
  • Risks management
  • Digital transformation
  • Digital Sovereignty
  • Cybercrime
  • Industry and OT
  • Fraud
  • Digital identity
  • Cyber +
    • Malicious AI models detected on open source platform Hugging Face 

    Malicious AI models detected on open source platform Hugging Face 

    Written by
    The Editorial Team
    03.08.24
    Risks management
    02
    MIN
    Malicious AI models detected on open source platform Hugging Face 
    Malicious AI models detected on open source platform Hugging Face 
    Malicious AI models detected on open source platform Hugging Face 
    Image Child privacy and protection: finding the right balance in the fight against dangerous sexual content
    Risks management
    04.09.24 Risks management
    Next article
    Child privacy and protection: finding the right balance in the fight against dangerous sexual content
    Read
    04
    MIN
    Image Artificial Intelligence: What are the 5 major cyber threats for 2024?
    Risks management
    03.20.24 Risks management
    Next article
    Artificial Intelligence: What are the 5 major cyber threats for 2024?
    Read
    03
    MIN
    Image Jean-Jacques Latour: "To date, we have not identified any new threat linked to artificial intelligence"
    Risks management
    03.18.24 Risks management
    Next article
    Jean-Jacques Latour: “To date, we have not identified any new threat linked to artificial intelligence”
    Read
    06
    MIN
    Image Storage must form the core of an enterprise cybersecurity strategy
    Risks management
    03.14.24 Risks management
    Next article
    Storage must form the core of an enterprise cybersecurity strategy
    Read
    05
    MIN

    Models could allow attackers to take control of devices, or inject malicious code. 

    On February 27, 2024, the IFrog cybersecurity software provider revealed it had discovered a hundred or so malicious AI models on the open source community platform, Hugging Face. Launched in 2016, the latter offers over 500,000 open source machine-learning models.

    Its popularity increases the potential for harm due to the malicious code in the models it hosts. “When we talk about malicious templates, we mean those that contain real, harmful, payloads. The count excludes false positives, which guarantees an accurate picture of how actions undertaken to produce malicious models on Hugging Face are distributed,” reads IFrog’s report.

    For the most part, the malicious models aim to take control of devices, particularly by setting up reverse shells. Some make it possible to inject arbitrary code. In most cases, the malicious payload is undetectable by the infected device.

    Among the developers of these problematic models, IFrog identified several artificial intelligence researchers. According to the authors of the report, the researchers were attempting to “run the code for apparently legitimate purposes.”

    Hugging Face responded by stating that the platform regularly analyzed the models it uploaded, in particular to assess if they contained malicious payloads. IFrog concludes by warning users of this type of open source resource. To avoid any risks, a study of the suggested code seems to be an essential prerequisite for any operational implementation.

    The Editorial Team
    03.08.24
    Articles by the same author:
    1
    04.08.24 Cybercrime
    AT&T data theft: 73 million accounts compromised
    Read
    01
    MIN
    2
    04.08.24 Industry and OT
    Kaspersky notes slight decrease in attacks against ICS 
    Read
    02
    MIN
    3
    04.05.24 Digital Sovereignty
    DMA: European Commission to investigate Alphabet, Apple and Meta 
    Read
    02
    MIN
    4
    04.02.24 Digital Sovereignty
    Atos/Eviden: Airbus throws in the towel (again)
    Read
    02
    MIN
    Image Child privacy and protection: finding the right balance in the fight against dangerous sexual content
    Risks management
    04.09.24 Risks management
    Next article
    Child privacy and protection: finding the right balance in the fight against dangerous sexual content
    Read
    04
    MIN
    Image Artificial Intelligence: What are the 5 major cyber threats for 2024?
    Risks management
    03.20.24 Risks management
    Next article
    Artificial Intelligence: What are the 5 major cyber threats for 2024?
    Read
    03
    MIN
    Image Jean-Jacques Latour: "To date, we have not identified any new threat linked to artificial intelligence"
    Risks management
    03.18.24 Risks management
    Next article
    Jean-Jacques Latour: “To date, we have not identified any new threat linked to artificial intelligence”
    Read
    06
    MIN
    Image Storage must form the core of an enterprise cybersecurity strategy
    Risks management
    03.14.24 Risks management
    Next article
    Storage must form the core of an enterprise cybersecurity strategy
    Read
    05
    MIN
    Stay tuned in real time
    Subscribe to
    the newsletter
    By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.
    Stay tuned in real time
    Subscribe to
    the newsletter
    By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.