Posted 2/28/2024, 10:12:17 PM
Over 100 Malicious AI Models Found on Popular Hugging Face Platform
- Over 100 malicious AI models were found on the Hugging Face platform that could execute code and create backdoors on users' machines
- Hugging Face is an AI/ML platform where communities share models, datasets, and applications
- Security researchers at JFrog found ~100 models on Hugging Face with malicious functionality, posing data-breach and espionage risks
- The payloads gave the models the ability to establish reverse shells to attackers and execute arbitrary code
- Some uploads may be security research testing Hugging Face's defenses, but publicly available malicious models still pose significant risks
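Code that runs simply because a model file is loaded is characteristic of Python pickle serialisation, the format PyTorch checkpoints commonly use on Hugging Face (an assumption here, since the post does not name the format). The example below is added for illustration and is not code from JFrog or Hugging Face: it lists every import a pickle stream would perform on load by parsing its opcodes with `pickletools`, so a downloaded file can be checked without ever unpickling it; the module list and the `_Backdoor` sample are constructed for the demo.

```python
import io
import os
import pickle
import pickletools

# Modules whose callables a serialized model has no legitimate reason to import.
# Assumption: a checkpoint should only reference the ML framework's own classes.
SUSPICIOUS_MODULES = {"os", "posix", "nt", "subprocess", "socket", "builtins",
                      "runpy", "shutil", "sys", "pty", "webbrowser"}
STRING_OPS = {"STRING", "BINSTRING", "SHORT_BINSTRING",
              "UNICODE", "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8"}

def extract_globals(data: bytes) -> list[tuple[str, str]]:
    """List every (module, name) the stream would import on load, without
    executing it: pickletools.genops only parses opcodes."""
    found = []
    strings = []  # string constants seen so far; STACK_GLOBAL (proto 4) uses the last two
    for op, arg, _pos in pickletools.genops(io.BytesIO(data)):
        if op.name in STRING_OPS:
            strings.append(arg)
        elif op.name in ("GLOBAL", "INST"):
            module, name = arg.split(" ", 1)  # pickletools joins the pair with a space
            found.append((module, name))
        elif op.name == "STACK_GLOBAL" and len(strings) >= 2:
            found.append((strings[-2], strings[-1]))
    return found

def scan_pickle(data: bytes) -> list[str]:
    """Return findings for flagged imports; an empty list means nothing flagged."""
    try:
        imports = extract_globals(data)
    except Exception as exc:  # a truncated or malformed stream is itself worth reporting
        return [f"unparseable pickle: {exc}"]
    return [f"suspicious import {m}.{n}" for m, n in imports
            if m.split(".")[0] in SUSPICIOUS_MODULES]

# Constructed samples (not real Hugging Face artefacts). Serialising _Backdoor
# only records a call to os.system; the call would happen on pickle.load.
class _Backdoor:
    def __reduce__(self):
        return (os.system, ("echo pwned",))

BENIGN = pickle.dumps({"layer.weight": [0.1, -0.2, 0.3]}, protocol=4)
MALICIOUS_P0 = pickle.dumps(_Backdoor(), protocol=0)  # emits the GLOBAL opcode
MALICIOUS_P4 = pickle.dumps(_Backdoor(), protocol=4)  # emits STACK_GLOBAL instead

if __name__ == "__main__":
    for label, blob in [("benign", BENIGN), ("proto0", MALICIOUS_P0), ("proto4", MALICIOUS_P4)]:
        print(label, scan_pickle(blob) or "clean")
```

Run the scanner over a checkpoint before loading it; note that `os.system` is recorded under its real module name (`posix` on Unix, `nt` on Windows), which is why both appear in the list.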