An Empirical Study on Remote Code Execution in Machine Learning Model Hosting Ecosystems
Model-sharing platforms, such as Hugging Face, ModelScope, and OpenCSG, have become central to modern machine learning development, enabling developers to share, load, and fine-tune pre-trained models with minimal effort. However, the flexibility of these ecosystems introduces a critical security...
Discourse Security Breach
Discourse is an open source community discussion platform. The platform includes features such as communities, email and chat rooms. Discourse suffers from a security vulnerability. An attacker exploiting the vulnerability could learn about the existence of a secret category when setting a contex...