"Protect AI Finds Vulnerabilities in Open-Source AI and Machine Learning Tools"
"Protect AI Finds Vulnerabilities in Open-Source AI and Machine Learning Tools"
Protect AI has released a new report highlighting vulnerabilities recently discovered in open-source Artificial Intelligence (AI) and Machine Learning (ML) tools by its bug bounty program. The first vulnerability posed a significant risk of server takeover and the loss of sensitive data. The MLflow tool, used for storing and tracking models, was discovered to contain a critical flaw in its code that could trick users into connecting to a malicious remote data source, thus allowing attackers to run commands on a victim's system.