The Hacker News

Picklescan Bugs Allow Malicious PyTorch Models to Evade Scans and Execute Code

Picklescan flaws allowed attackers to bypass scans and execute hidden code in malicious PyTorch models before the latest ...
GIGAZINE

With the release of the image generation AI 'Stable Diffusion' as open source, many useful tools such as the

Derived models are hosted in online repositories such as Hugging Face and GitHub, or distributed using torrents and uploaders, but malware is installed in models published by unspecified people. There ...
Infosecurity Magazine

Critical PickleScan Vulnerabilities Expose AI Model Supply Chains

Three critical zero-day vulnerabilities affecting PickleScan, a widely used tool for scanning Python pickle files and PyTorch ...