Hugging Face detects unauthorized access to the AI model hosting platform
23:55 01/06/2024
2 minutes of reading
Late Friday, a time companies often use to announce bad news, artificial intelligence (AI) startup Hugging Face said its security team had detected “unauthorized access” to Spaces – Hugging Face’s platform for building, sharing, and hosting AI models and resources.
In a blog post , Hugging Face said that the intrusion involved “space secrets” – private pieces of information that act as keys to unlock protected resources such as accounts, tools and development environment. Hugging Face “suspects” some secrets may have been accessed by unauthorized third parties.
As a precaution, Hugging Face destroyed some tokens (used for identity verification) in those passwords. Hugging Face said users whose tokens were revoked received notification emails and recommended that all users “re-update any keys or tokens” and consider switching to access tokens details – the type that Hugging Face considers safer.
It is unclear how many users or applications are affected by this potential security vulnerability.
“We are working with external cybersecurity forensic experts to investigate the matter and review our security policies and procedures. We have also reported this incident to the appropriate authorities.” law enforcement and data protection agencies,” Hugging Face wrote in the post. “We regret the disruption this incident may cause and understand the inconvenience it may cause you. We are committed to using this as an opportunity to enhance the security of all its infrastructure.”
In an email statement, a Hugging Face spokesperson said: “The number of cyberattacks has increased significantly over the past few months, likely due to our user base growing significantly and AI becoming more effective. should be more common. Technically, it’s difficult to know exactly how many space secrets have been breached.”
The possible Spaces hack comes as Hugging Face – one of the largest platforms for collaborative AI and data science projects with over a million models, datasets and applications running on AI – is facing increasing scrutiny over its privacy practices.
This past April, researchers at cloud security company Wiz found a (patched) vulnerability that allowed attackers to execute arbitrary code during the build time of an application hosted on Hugging. Face, allowing them to test network connections from their device. Earlier this year, security firm JFrog discovered evidence that code uploaded to Hugging Face covertly installed backdoors and other types of malware on end-user machines. And security startup HiddenLayer has identified ways in which Hugging Face’s more secure serial format, Safetensors, could be exploited to create destructive AI models.
Hugging Face recently said They will work with Wiz to use the company’s vulnerability scanning and cloud environment configuration tools “with the goal of improving security across our platform and the overall AI/ML ecosystem.” “.
Keywords:
Related articles
Palm Mini 2 Ultra: Máy tính bảng mini cho game thủ
Robot with smart grip
NASA’s goal of conquering the Sun
Apple launches a new feature that makes it easier to use your phone while sitting on vehicle
Google Photos launches smart search feature “Ask for photos”
Roku streams live MLB baseball games for free
Gun detection AI technology company uses Disney to successfully persuade New York
Hackers claim to have collected 49 million Dell customer addresses before the company discovered the breach
Thai food delivery app Line Man Wongnai plans to IPO in Thailand and the US in 2025
Google pioneered the development of the first social networking application for Android
AI outperforms humans in gaming: Altera receives investment from Eric Schmidt
TikTok automatically labels AI content from platforms like DALL·E 3
Dell’s data was hacked, revealing customers’ home address information
Cracking passwords using Brute Force takes more time, but don’t rejoice!
US lawsuit against Apple: What will happen to iPhone and Android?
The UAE will likely help fund OpenAI’s self-produced chips
AI-composed blues music lacks human flair and rhythm
iOS 17: iPhone is safer with anti-theft feature
Samsung launches 2024 OLED TV with the highlight of breakthrough anti-glare technology
REGISTER
TODAY
Sign up to get the inside scoop on today's biggest stories in markets, technology delivered daily.
By clicking “Sign Up”, you accept our Terms of Service and Privacy Policy. You can opt out at any time.
5
s
Comment (0)