SiliconANGLE

Critical Hugging Face Transformers flaw ran attacker code on a routine model load

Pluto Security Inc. today disclosed a critical remote code execution vulnerability in Hugging Face Inc.’s Transformers library that allowed attacker-controlled artificial intelligence models to run ...
CSOonline

Attackers hide malicious code in Hugging Face AI model Pickle files

The popular Python Pickle serialization format, which is common for distributing AI models, offers ways for attackers to inject malicious code that will be executed on computers when loading models ...