Multiple generative AI models uploaded to Hugging Face were found to be vulnerable in a way that allowed threat actors to run malicious code and extract sensitive user information.
This is according to a new report from the cloud security firm Wiz. In a blog post published late last week, Wiz said that it found two critical architecture flaws on the platform where people collaborate on their machine learning (ML) models.
The flaws are described as shared inference infrastructure takeover risk, and shared continuous integration and continuous deployment (CI/CD) takeover risk. In layman’s terms, the flaws can be used to upload malicious AI models and tamper with container registries.
