Tag
#safetensors
3 posts tagged safetensors.
- incident-review: Compromised Models on Hugging Face: Pickle Exploits in the Hub
  Malicious actors have uploaded model files to Hugging Face containing pickle payloads that execute code on download.
- incident-review: Hugging Face Security Incidents: Malicious Models and Token Theft
  A review of documented security incidents on the Hugging Face platform, including malicious model uploads, the 2024 Spaces infrastructure breach, and the
- advisory: Model File Format Flaws: Pickle, ONNX, and SafeTensors
  Unsafe deserialization in PyTorch's pickle-based format has enabled malicious model distribution for years. This post explains how pickle exploitation