"New Attack Technique 'Sleepy Pickle' Targets Machine Learning Models"

A new hybrid Machine Learning (ML) model exploitation technique called "Sleepy Pickle" has highlighted the Pickle format's security risks. According to Trail of Bits, the attack weaponizes the ubiquitous format used to package and distribute ML models in order to corrupt the model, thus threatening an organization's downstream customers. Security researcher Boyan Milanov emphasizes that Sleepy Pickle is a stealthy and novel attack on the ML model itself instead of the underlying system. Sleepy Pickle inserts a payload into a Pickle file using open source tools such as Fickling and delivers it to a target host through phishing, supply chain compromise, a system weakness, or an adversary-in-the-middle (AitM) attack. This article continues to discuss the Sleepy Pickle hybrid ML exploitation method.
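One defensive check a practitioner would want before loading a model in this format, as an added example that is not code from the THN article or from Trail of Bits: walk the Pickle opcode stream statically with `pickletools` (nothing is executed), report the opcodes a payload relies on to resolve or call code, and reject any file that references a global outside an allowlist. The allowlist and the three sample files are constructed assumptions for this example.

```python
import collections
import pickle
import pickletools

# Opcodes that make the unpickler resolve a module attribute or invoke a
# callable; a payload embedded in a Pickle file needs at least one of them.
CALL_OPCODES = {"GLOBAL", "STACK_GLOBAL", "REDUCE", "BUILD",
                "INST", "OBJ", "NEWOBJ", "NEWOBJ_EX"}
STRING_OPCODES = {"STRING", "BINSTRING", "SHORT_BINSTRING", "UNICODE",
                  "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8"}

# Constructed allowlist: the only (module, name) pairs a loader for this
# hypothetical model format is expected to need.
ALLOWED_GLOBALS = {("collections", "OrderedDict")}


def scan_pickle(data: bytes) -> tuple[set[tuple[str, str]], set[str]]:
    """Walk the opcode stream without unpickling anything and return
    (globals referenced, risky opcodes seen)."""
    globals_seen, risky, strings = set(), set(), []
    for opcode, arg, _pos in pickletools.genops(data):
        name = opcode.name
        if name in STRING_OPCODES:
            strings.append(arg)  # candidate operands for a later STACK_GLOBAL
        elif name == "GLOBAL":  # protocols 0-3: arg is "module name"
            module, qualname = arg.split(" ", 1)
            globals_seen.add((module, qualname))
        elif name == "STACK_GLOBAL" and len(strings) >= 2:
            # Protocol 4+: module and name were the last two strings pushed
            globals_seen.add((strings[-2], strings[-1]))
            strings.clear()
        if name in CALL_OPCODES:
            risky.add(name)
    return globals_seen, risky


def is_trusted(data: bytes) -> bool:
    """True only if every global the file references is on the allowlist."""
    globals_seen, _ = scan_pickle(data)
    return globals_seen <= ALLOWED_GLOBALS


# Constructed sample files: plain weights, an allowlisted container, and a
# benign stdlib object whose class reference falls outside the allowlist.
SAFE_MODEL = pickle.dumps({"weights": [0.1, 0.2]})
ALLOWED_MODEL = pickle.dumps(collections.OrderedDict(weights=[0.1, 0.2]))
UNTRUSTED_MODEL = pickle.dumps(collections.Counter({"tokens": 3}))

if __name__ == "__main__":
    for label, blob in [("safe", SAFE_MODEL), ("allowed", ALLOWED_MODEL),
                        ("untrusted", UNTRUSTED_MODEL)]:
        print(label, scan_pickle(blob), "load" if is_trusted(blob) else "REJECT")
```

A scan like this is a pre-load gate, not a substitute for keeping untrusted Pickle files out of the loader entirely; a file that legitimately needs REDUCE (the OrderedDict sample) still gets through only because its single global is allowlisted.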

THN reports "New Attack Technique 'Sleepy Pickle' Targets Machine Learning Models"

Submitted by grigby1