Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://mastodon.social/users/LukaszOlejnik/statuses/113968737582881374">Lukasz Olejnik (lukaszolejnik@mastodon.social)'s status on Sunday, 09-Feb-2025 03:50:23 JST</a><a href="https://mastodon.social/@LukaszOlejnik" title="lukaszolejnik@mastodon.social"><img src="https://gnusocial.jp/avatar/18834-48-20221107075922.webp" width="48" height="48" alt="Lukasz Olejnik" style="position: absolute; left: 0; top: 0;">Lukasz Olejnik</a></section><article><p>Malicious open source models are being uploaded to popular repository hugging face. This will be a completely new cybersecurity risk. Now it's merely code execution. But expect tainted/poisoned weights impacting outputs. Python reverse shell script enables remote command execution. On Linux, it spawns a `/bin/sh` shell, on Windows, it launches PowerShell and enables bidirectional communication. <a href="https://www.reversinglabs.com/blog/rl-identifies-malware-ml-model-hosted-on-hugging-face" rel="nofollow">https://www.reversinglabs.com/blog/rl-identifies-malware-ml-model-hosted-on-hugging-face</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4531522#notice-8873133">In conversation</a><time datetime="2025-02-09T03:50:23+09:00" title="Sunday, 09-Feb-2025 03:50:23 JST">about 3 months ago</time> <span>from <span><a href="https://mastodon.social/@LukaszOlejnik/113968737582881374" rel="external" title="Sent from mastodon.social via ActivityPub">mastodon.social</a></span></span><a href="https://mastodon.social/@LukaszOlejnik/113968737582881374">permalink</a><h4>Attachments</h4><ol><li><label><a rel="external" href="https://gnusocial.jp/attachment/4104572">Untitled attachment</a></label><br><a href="https://files.mastodon.social/media_attachments/files/113/968/724/783/346/875/original/3265272a71b5cefc.png" rel="external">https://files.mastodon.social/media_attachments/files/113/968/724/783/346/875/original/3265272a71b5cefc.png</a></li><li><article><header><div>Domain not in remote thumbnail source whitelist: www.reversinglabs.com</div><h5><a href="https://www.reversinglabs.com/blog/rl-identifies-malware-ml-model-hosted-on-hugging-face">Malicious ML models discovered on Hugging Face platform</a></h5><div> from <span>@ReversingLabs</span></div></header><div>Developers working on machine learning take note: RL threat researchers have identified nullifAI, a novel attack technique used on Hugging Face.</div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Lukasz Olejnik (lukaszolejnik@mastodon.social)'s status on Sunday, 09-Feb-2025 03:50:23 JST Lukasz Olejnik
Malicious open source models are being uploaded to popular repository hugging face. This will be a completely new cybersecurity risk. Now it's merely code execution. But expect tainted/poisoned weights impacting outputs. Python reverse shell script enables remote command execution. On Linux, it spawns a `/bin/sh` shell, on Windows, it launches PowerShell and enables bidirectional communication. https://www.reversinglabs.com/blog/rl-identifies-malware-ml-model-hosted-on-hugging-face
In conversationabout 3 months ago from mastodon.socialpermalink
Attachments
1. Untitled attachment
  https://files.mastodon.social/media_attachments/files/113/968/724/783/346/875/original/3265272a71b5cefc.png
2. Domain not in remote thumbnail source whitelist: www.reversinglabs.com
  Malicious ML models discovered on Hugging Face platform
  from @ReversingLabs
  Developers working on machine learning take note: RL threat researchers have identified nullifAI, a novel attack technique used on Hugging Face.

Public

Embed Notice

HTML Code

Corresponding Notice