AI Supply Chain Attack Method Demonstrated Against Google, Microsoft Products
securityweek
Researchers at Palo Alto Networks have uncovered a new attack method that could pose a significant AI supply chain risk, and they demonstrated its impact against Microsoft and Google products, as well as the potential threat for open source projects.
Named ‘Model Namespace Reuse’, the AI supply chain attack method involves threat actors registering names associated with deleted or transferred models that are fetched by developers from platforms such as Hugging Face.
A successful attack can enable threat actors to deploy malicious AI models and achieve arbitrary code execution, Palo Alto Networks said in a blog post describing Model Namespace Reuse.
Hugging Face is a popular platform for hosting and sharing pre-trained models, datasets, and AI applications. When developers want to use a model, they can reference or pull it based on the name of the model and the name of its developer in the format ‘Author/ModelName’.
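Because a reference such as ‘Author/ModelName’ resolves by name, a developer who pulls a model only by that name will silently receive whatever the current owner of that namespace has published. One defensive check a practitioner can run is a lint over their own code base that flags model references not pinned to an immutable commit hash. The following is an added example, not code from the article or from Palo Alto Networks; it assumes the `revision=` keyword that the Hugging Face `from_pretrained` loaders accept, works purely offline on constructed sample lines, and does not contact Hugging Face.

```python
"""Flag Hugging Face model references that are not pinned to a commit.

Added example (not from the article or from Palo Alto Networks): a small
linter that scans source lines for 'Author/ModelName' references passed
to from_pretrained(...) and reports any that are not pinned to a full
git commit hash via revision=. The sample lines below are constructed.
"""
import re

# Matches from_pretrained("author/name", ...) style calls. Captures the
# repo id and the remaining argument text so we can look for a pin.
_CALL_RE = re.compile(
    r'from_pretrained\(\s*["\']([^"\'/\s]+/[^"\'\s]+)["\']([^)]*)\)'
)
# A full-length git commit hash (40 hex chars). Branch names and tags
# such as "main" can be re-pointed at different content, so only a full
# hash counts as a pin.
_COMMIT_RE = re.compile(r'revision\s*=\s*["\']([0-9a-fA-F]{40})["\']')


def find_unpinned_model_refs(lines):
    """Return (line_no, repo_id, reason) for each model reference that is
    not pinned to a 40-hex commit hash."""
    findings = []
    for line_no, line in enumerate(lines, start=1):
        for m in _CALL_RE.finditer(line):
            repo_id, rest = m.group(1), m.group(2)
            if _COMMIT_RE.search(rest):
                continue  # pinned to an immutable commit: acceptable
            if "revision" in rest:
                reason = "revision is not a full commit hash"
            else:
                reason = "no revision pinned; resolves by name only"
            findings.append((line_no, repo_id, reason))
    return findings


# Constructed sample lines standing in for a code base being audited.
# The org and model names are placeholders, not real repositories.
SAMPLE_SOURCE = [
    'model = AutoModel.from_pretrained("example-org/example-model")',
    'tok = AutoTokenizer.from_pretrained("example-org/example-model", revision="main")',
    'safe = AutoModel.from_pretrained("example-org/example-model", '
    'revision="0123456789abcdef0123456789abcdef01234567")',
    'print("not a model reference")',
]

if __name__ == "__main__":
    for line_no, repo_id, reason in find_unpinned_model_refs(SAMPLE_SOURCE):
        print(f"line {line_no}: {repo_id}: {reason}")
```

Run against the constructed sample, the first two lines are reported (one has no pin, one pins only the mutable `main` branch) and the third passes. A commit hash identifies content rather than a namespace, so a later re-registration of the author name cannot change what that reference resolves to; the lint is a static check and should be paired with whatever integrity verification the loading library offers.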
In a ...
Copyright of this story solely belongs to securityweek.