Just in case you like to "experiment" with AI
#1
I know that many people, including close friends and family of mine, enjoy playing with publicly available AI chat boxes;

Be forewarned, 

Hugging Face AI Platform Riddled With 100 Malicious Code-Execution Models
 

Researchers have discovered about 100 machine learning (ML) models that have been uploaded to the Hugging Face artificial intelligence (AI) platform and potentially enable attackers to inject malicious code onto user machines. The findings further underscore the growing threat that lurks when attackers poison publicly available AI models for nefarious activity.
 
The discovery of the malicious models by JFrog Security Research is part of ongoing research by the firm into how attackers can use ML models to compromise user environments, according to a blog post published this week.


Be careful out there...
#2
(03-03-2024, 02:20 PM)Maxmars Wrote: I know that many people, including close friends and family of mine, enjoy playing with publicly available AI chat boxes;

Be forewarned, 

Hugging Face AI Platform Riddled With 100 Malicious Code-Execution Models
 

Researchers have discovered about 100 machine learning (ML) models that have been uploaded to the Hugging Face artificial intelligence (AI) platform and potentially enable attackers to inject malicious code onto user machines. The findings further underscore the growing threat that lurks when attackers poison publicly available AI models for nefarious activity.
 
The discovery of the malicious models by JFrog Security Research is part of ongoing research by the firm into how attackers can use ML models to compromise user environments, according to a blog post published this week.


Be careful out there...
Read a whole series of sci-fi books about divers in the ocean?

The computers were unable to use the internet as it was a vast war of competing AI viruses. Anytime they could jump from the internet to any computer they would infect it and take over.

Might soon become reality.
#3
Eventually we'll have to accept as permanent, or seek to change, the fact that our collective reliance on "standardized" protocols makes for the massive weaknesses we all are exposing ourselves to.  A great deal of this has to do with what "we take for granted" about "how" computers work.  Sort of like, fretting over the economy without openly accepting that our monetary policies are the "tools and property" of banks.

Computers are built to conform now... not to innovate - outside of 'marketing.'  That conformity opens the doors to "hackery" [is that a word?]
#4
(03-03-2024, 02:20 PM)Maxmars Wrote: I know that many people, including close friends and family of mine, enjoy playing with publicly available AI chat boxes;

Be forewarned, 

Hugging Face AI Platform Riddled With 100 Malicious Code-Execution Models

Hugging Face is not an AI chat box; from what I have seen (it's the first time I've seen this name), they are a repository of AI models that can be downloaded by people creating or working in an AI system.

So yes, always be careful, but I doubt most people using AI language models will ever use Hugging Face.
#5
That's actually a new field of pentesting happening with that that I haven't even begun to dive into yet. Seems pretty cool though, not the hacking and malicious use of LLMs but the concepts involved.

"I thought what I'd do was, I'd pretend I was one of those deaf-mutes."