SafePickle: Robust and Generic ML Detection of Malicious Pickle-Based ML Models

Model repositories such as Hugging Face increasingly distribute machine learning artifacts serialized with Python's pickle format, exposing users to remote code execution RCE risks during model loading. Recent defenses, such as PickleBall, rely on per-library policy synthesis that requires comple...

AAmiles 安全漏洞

AAmiles is a machine learning project scanner. AAmiles suffers from a security vulnerability. An attacker exploited the vulnerability to access sensitive user information and digital currency keys, as well as to elevate privileges...