Tom Bonner (@thomas_bonner)'s Twitter Profile
Tom Bonner

@thomas_bonner

VP of Research @hiddenlayersec.

Formerly Norman, HP, Cylance, BlackBerry. All views are my own.

ID: 96467808

Link: https://hiddenlayer.com/
Joined: 13-12-2009 02:34:12

505 Tweets

1.1K Followers

1.1K Following

CVE Announcements (@cveannounce)

HiddenLayer is now a CVE Numbering Authority (CNA) assigning CVE IDs for all HiddenLayer systems, services, & products + vulnerabilities it discovers not in another CNA’s scope cve.org/Media/News/ite… #CVE #CNA #VulnerabilityManagement #Vulnerability #Cybersecurity CVE

HiddenLayer (@hiddenlayersec)

We're proud to announce that HiddenLayer is partnering with the CVE® Program as a CNA, which aims to identify, define, and catalog publicly disclosed #cybersecurity vulnerabilities 🛡️ hubs.ly/Q02drts20 #Security4AI #securityforai #ai #hiddenlayer CVE Announcements

HiddenLayer (@hiddenlayersec)

We’re excited to share the launch of the HiddenLayer Partner Program, marking a significant milestone in extending #AI & #MLOps security to enterprises everywhere! Learn more about the program 👉 hubs.ly/Q02hpvq30 Read the full announcement 👉 hubs.ly/Q02hpvxf0

HiddenLayer (@hiddenlayersec)

In our SAI team's latest blog, they discuss and demonstrate how easily preventable, high-impact vulnerabilities known in the security industry for years plague widely used #AI infrastructure 👉 hubs.ly/Q02k03540 #securityforai #hiddenlayer #mldr #adai #cybersecurity

HiddenLayer (@hiddenlayersec)

📅 SAVE THE DATE: HiddenLayer’s 2024 AI Threat Landscape Report will be released on March 6th. Sign up to be the first to preview the report & join us in a webinar discussion as we share some of the report’s most important findings 👉 hubs.ly/Q02kGr2Q0 #Security4AI

Tom Bonner (@thomas_bonner)

Our researchers discovered that the Hugging Face PyTorch to Safetensors conversion service could easily be compromised by attackers, who could tamper with models and leak the token used to create pull requests from the official bot. hiddenlayer.com/research/silen…

The Hacker News (@thehackersnews)

🤖 Security researchers have uncovered a new #vulnerability in Hugging Face's Safetensors conversion service that could lead to supply chain attacks, compromising user-submitted models. Read details: thehackernews.com/2024/02/new-hu… #cybersecurity #hacking #technews

Trail of Bits (@trailofbits)

Fickling gets powerful new upgrades: a modular analysis API and PyTorch and Polyglot modules. Enhance threat detection and analysis across your ML workflows. buff.ly/3ImyxUI

HiddenLayer (@hiddenlayersec)

🎉 We are proud to present the first-ever HiddenLayer AI Threat Landscape Report! Get your copy TODAY to see our survey insights, risks related to the use of #AI & security recommendations for the next 12 months. Learn more 👉 hubs.ly/Q02nmggk0

Tom Bonner (@thomas_bonner)

Very nice work from Abraxus and Kieran Evans in discovering CVE-2024-27322, a vulnerability in R's deserialization library that can lead to "R-bitrary" code execution when deserializing untrusted data. hiddenlayer.com/research/r-bit…

The Hacker News (@thehackersnews)

👨‍💻🔐 A new security #vulnerability (CVE-2024-27322) has been discovered in the R #programming language. It could allow attackers to execute arbitrary code through malicious RDS files, exposing your projects to supply chain attacks. Read: thehackernews.com/2024/04/new-r-… #cybersecurity

Abraxus (@abraxus7331)

I'm incredibly excited to announce that I will be speaking with Tom Bonner this August at #BHUSA. If you enjoyed the research on R this week come check out our talk to see even more! blackhat.com/us-24/briefing…

HiddenLayer (@hiddenlayersec)

🚨 New Research: AI’ll Be Watching You

Our team recently presented this cutting-edge research at AI Village @ DEF CON 2024. This blog takes a deep dive into the security of edge AI devices, starting with the widely used Wyze Cam 👉 hubs.ly/Q02KWPQ70

#EdgeAI #AIResearch

HiddenLayer (@hiddenlayersec)

Today, we publicly disclosed 14 new CVEs across three critical machine learning projects. These vulnerabilities highlight the importance of proactive security in AI and reinforce our commitment to safeguarding the future of machine learning. 👉 hiddenlayer.com/sai-security-a…

Tom Bonner (@thomas_bonner)

Our latest research, modifying the computational graphs of neural networks to introduce backdoors, has been extremely interesting. In this blog, we've targeted ResNet, YOLO, and Phi-3 models, using different triggers and payloads. #AI #CyberSecurity hiddenlayer.com/research/shado…

HiddenLayer (@hiddenlayersec)

HiddenLayer researchers uncovered a malicious version of the Android #DeepSeek - #AI Assistant app recently uploaded to a popular #malware scanning service.

Tom Bonner (@thomas_bonner)

Announcing our latest attack technique, "Policy Puppetry" - a single, transferable prompt blending structured policy & roleplay that bypasses alignment in frontier AI models. Game-changing for red-teaming! #AI #GenAI #RedTeam #CyberSecurity hiddenlayer.com/innovation-hub…

Jim Simpson (@4a696d)

So this one has been a while coming. If you've seen any of the talks or workshops I've done recently you'll have heard me talking about the way we are thinking about attacks on generative AI. Well, it's finally here. hiddenlayerai.github.io/ape-taxonomy/g…
