The Next Web

The AI industry’s model and agent skill repositories are full of malware. The infrastructure built to accelerate development is now the vector for compromising it.

Hugging Face hosts 352,000 unsafe model issues. ClawHub's registry contains 341 malicious AI agent skills. The AI supply chain is now the most attractive target in software security.
The Hacker News

Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads

Fake OpenAI Privacy Filter hit #1 on Hugging Face with 244,000 downloads, spreading infostealer malware to Windows users.

Shai Hulud attack ships signed malicious TanStack, Mistral npm packages

Hundreds of packages across npm and PyPI have been compromised in a new Shai-Hulud supply-chain campaign delivering ...
InfoWorld

12 model-level deep cuts to slash AI training costs

Stop throwing money at GPUs for unoptimized models; using smart shortcuts like fine-tuning and quantization can slash your ...

Perceptron Mk1 shocks with highly performant video analysis AI model 80-90% cheaper than Anthropic, OpenAI & Google

Early adopters are using the model for diverse applications, such as auto-clipping highlights from live sports, which ...
Windows Report

Fake OpenAI Privacy Filter Repo on Hugging Face Spread Infostealer Malware

A malicious repository on Hugging Face impersonated OpenAI’s “Privacy Filter” project and briefly reached the platform’s top trending position before removal ...
Tech.eu

Meet the French startup fixing the guardrail gap holding enterprise AI back

As Europe pushes for sovereign AI infrastructure, Giskard is securing enterprise AI agents against manipulation, unsafe ...
Family Destinations Guide

Sink Your Teeth Into The Ridiculously Massive Cheeseburgers At This No-Frills Oregon Spot

The Helvetia Tavern is where Oregonians go when they’re serious about their beef and cheese consumption. Picture yourself ...

Fake OpenAI repository on Hugging Face pushes infostealer malware

A malicious Hugging Face repository that reached the platform's trending list impersonated OpenAI's "Privacy Filter" project ...
Hosted on MSN

Google confirms first AI-assisted zero-day cyberattack

First AI zero-day: Google detected cybercriminals using AI to identify and exploit a previously unknown flaw in a popular web tool. Exploits outpace patches: Mandiant reports AI-assisted attack code ...
Hackaday

This Week In Security: Another Linux Exploit, Ubuntu Knocked Offline, Finals Interrupted, And Backdoored Tools

After the CopyFail vulnerability gave root access from any user on almost all distributions last week, this week we’ve got DirtyFrag. This chains the vulnerability in CopyFail (xfrm-ESP) and ...