Malicious AI Models on Hugging Face Exploit Novel Attack Technique www.infosecurity-magazine.com/news/mali…

Researchers at Reversing Labs have discovered two malicious machine learning (ML) models available on Hugging Face, the leading hub for sharing AI models and applications.

While these models contain malicious code, they were not flagged as “unsafe” by Hugging Face’s security scanning mechanisms.

The Reversing Labs researchers saw that these malicious models exploit a novel malware distribution technique by abusing Pickle file serialization.