Malicious ML models found on Hugging Face Hub - Help Net Security

Two malicious machine learning models, stored in PyTorch format, were discovered on Hugging Face Hub. The models, which evaded detection by exploiting a vulnerability in the Picklescan tool, contained code to create reverse shells on infected machines. The Hugging Face security team has removed the models and improved Picklescan’s detection capabilities.
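PyTorch checkpoints are pickle streams under the hood, and the danger is that unpickling can invoke arbitrary importable callables. As an added defensive illustration (not code from the article, Hugging Face or Picklescan), the following minimal scanner disassembles a pickle with Python's `pickletools` instead of loading it, flags imports from a denylist of modules and refuses to call a malformed stream clean; the denylist, the sample blobs and the verdict names are all constructed for this example.

```python
import io
import os
import pickle
import pickletools

# Constructed denylist: modules whose callables do not belong in a model
# checkpoint. A real scanner would use a far longer list.
DENY_MODULES = {"os", "posix", "nt", "subprocess", "sys", "builtins", "socket"}
STRING_OPS = {"SHORT_BINUNICODE", "BINUNICODE", "UNICODE", "STRING",
              "SHORT_BINSTRING", "BINSTRING"}
CALL_OPS = {"REDUCE", "NEWOBJ", "NEWOBJ_EX", "INST", "OBJ", "BUILD"}


def scan_pickle(data: bytes) -> dict:
    """Walk the opcodes of a pickle stream; nothing is ever unpickled.

    A malformed stream is NOT treated as safe: opcodes that precede the
    defect are still executed by a real unpickler before it fails.
    """
    imports, strings, calls, malformed = [], [], 0, False
    try:
        for op, arg, _ in pickletools.genops(io.BytesIO(data)):
            if op.name == "GLOBAL":              # protocol <= 3: "module name"
                imports.append(tuple(arg.split(" ", 1)))
            elif op.name == "STACK_GLOBAL":      # protocol 4+: two strings pushed before
                imports.append((strings[-2], strings[-1]))
            elif op.name in STRING_OPS:
                strings.append(arg)
            elif op.name in CALL_OPS:            # a callable is invoked on load
                calls += 1
    except Exception:                            # truncated or corrupt stream
        malformed = True
    if any(mod in DENY_MODULES for mod, _ in imports):
        verdict = "malicious"
    elif malformed:
        verdict = "unparseable"
    else:
        verdict = "clean"
    return {"verdict": verdict, "imports": imports, "calls": calls, "malformed": malformed}


class _Trigger:
    """Constructed sample: unpickling would call a harmless os function."""
    def __reduce__(self):
        return (os.getcwd, ())


BENIGN = pickle.dumps({"layer.weight": [0.1, 0.2, 0.3]}, protocol=4)  # plain state dict
SUSPICIOUS = pickle.dumps(_Trigger(), protocol=4)                    # import + REDUCE
TRUNCATED = SUSPICIOUS[:-1]                                          # STOP opcode removed

if __name__ == "__main__":
    for label, blob in [("benign", BENIGN), ("suspicious", SUSPICIOUS), ("truncated", TRUNCATED)]:
        print(label, scan_pickle(blob))
```

The truncated sample still yields a "malicious" verdict because the denylisted import is seen before the parse error; a scanner that returned "clean" on any exception would miss exactly that case.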
