Malicious attack method on hosted ML models now targets PyPI
NetmanageIT OpenCTI - opencti.netmanageit.com

SUMMARY:
A new malicious campaign has been discovered targeting the Python Package Index (PyPI) by exploiting the Pickle file format in machine learning models. Three malicious packages posing as an Alibaba AI Labs SDK were detected, containing infostealer payloads hidden inside PyTorch models. The packages exfiltrate information about infected machines and .gitconfig file contents. This attack demonstrates the evolving threat landscape in AI and machine learning, particularly in the software supply chain. The campaign likely targeted developers in China and highlights the need for improved security measures and tools to detect malicious functionality in ML models.
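One way to build the kind of detection tooling the summary calls for, as an added example that is not from the report or from any of the packages it describes: a static walk over pickle opcodes that lists the imports a PyTorch checkpoint's pickle would perform, so it can be triaged without unpickling it. The allowed-module baseline, the denied builtins and the test fixtures are assumptions constructed for this example.

```python
# Static triage of a pickle stream: walk its opcodes with pickletools and list
# every import it would perform, without ever calling pickle.load on the data.
import collections
import os
import pickle
import pickletools

ALLOWED_MODULES = {"torch", "collections", "numpy"}  # assumed checkpoint baseline
DENIED_BUILTINS = {"builtins.eval", "builtins.exec", "builtins.getattr", "builtins.__import__"}
STRING_OPS = {"SHORT_BINUNICODE", "BINUNICODE", "BINUNICODE8", "UNICODE"}
GET_OPS, PUT_OPS = {"GET", "BINGET", "LONG_BINGET"}, {"PUT", "BINPUT", "LONG_BINPUT"}

def pickle_globals(data: bytes) -> list[str]:
    """Every 'module.name' the stream imports (GLOBAL and STACK_GLOBAL opcodes)."""
    found, strings, memo, memo_n, last = [], [], {}, 0, None
    for op, arg, _ in pickletools.genops(data):
        if op.name in STRING_OPS or (op.name in GET_OPS and arg in memo):
            last = arg if op.name in STRING_OPS else memo[arg]  # a string is pushed
            strings.append(last)
            continue
        if op.name == "GLOBAL":                    # protocol <= 3: arg is "module name"
            found.append(".".join(arg.split()))
        elif op.name == "MEMOIZE":                 # protocol 4+: memo slots are implicit
            if last is not None:
                memo[memo_n] = last
            memo_n += 1
        elif op.name in PUT_OPS and last is not None:
            memo[arg] = last
        elif op.name == "STACK_GLOBAL" and len(strings) >= 2:  # protocol 4+
            found.append(f"{strings[-2]}.{strings[-1]}")
        last = None
    return found

def suspicious_globals(data: bytes) -> list[str]:
    """Imports a PyTorch checkpoint has no legitimate reason to make."""
    bad = []
    for ref in pickle_globals(data):
        module = ref.split(".", 1)[0]
        if ref in DENIED_BUILTINS or module not in ALLOWED_MODULES | {"builtins"}:
            bad.append(ref)
    return bad

class _Fixture:  # constructed test object: unpickling it would call os.getenv("HOME")
    def __reduce__(self):
        return (os.getenv, ("HOME",))

BENIGN = pickle.dumps(collections.OrderedDict(w=[1.0, 2.0]), protocol=4)
TAINTED = pickle.dumps(_Fixture(), protocol=4)
```

A torch.save() checkpoint is a zip archive whose data.pkl member is the pickle stream; feeding those bytes to suspicious_globals before loading is the intended use.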
OPENCTI LABELS:
infostealer,pypi,supply chain attack,ai,machine learning,pytorch,pickle format