Malicious ML Models on Hugging Face Leverage Broken Pickle Format to Evade Detection

DeepSeek App Transmits Sensitive User and Device Data Without Encryption

CISA Warns of Active Exploitation in Trimble Cityworks Vulnerability Leading to IIS RCE

AI-Powered Social Engineering: Reinvented Threats

Microsoft Identifies 3,000+ Publicly Disclosed ASP.NET Machine Keys Vulnerable to Code Injection

Cybersecurity researchers have uncovered two malicious machine learning (ML) models on Hugging Face that leveraged an unusual technique of "broken" pickle files to evade detection.
"The pickle files extracted from the mentioned PyTorch archives revealed the malicious Python content at the beginning of the file," ReversingLabs researcher Karlo Zanki said in a report shared with The Hacker News. "

Headline

Malicious ML Models on Hugging Face Leverage Broken Pickle Format to Evade Detection

The Hacker News: Latest News