The Art of Hide and Seek: Making Pickle-Based Model Supply Chain Poisoning Stealthy Again
Pickle deserialization vulnerabilities have persisted throughout Python's history, remaining widely recognized yet unresolved. Due to its ability to transparently save and restore complex objects into byte streams, many AI/ML frameworks continue to adopt pickle as the model serialization protocol...