Malicious ML models found on Hugging Face Hub

Researchers have spotted two machine learning (ML) models containing malicious code on Hugging Face Hub, the popular online repository for datasets and pre-trained models. Once one of them is downloaded and executed on the developer’s machine, th… Continue reading Malicious ML models found on Hugging Face Hub

Hugging Face platform continues to be plagued by vulnerable ‘pickles’

A widely used python module for machine-learning developers can be loaded with malware and bypass detection measures.

The post Hugging Face platform continues to be plagued by vulnerable ‘pickles’ appeared first on CyberScoop.

Continue reading Hugging Face platform continues to be plagued by vulnerable ‘pickles’

NIST CSF 2.0 released, to help all organizations, not just those in critical infrastructure

The National Institute of Standards and Technology (NIST) has updated its widely utilized Cybersecurity Framework (CSF), a key document for mitigating cybersecurity risks. The latest version, 2.0, is tailored to cater to a broad range of audiences, spa… Continue reading NIST CSF 2.0 released, to help all organizations, not just those in critical infrastructure

Software supply chain attacks are getting easier

ReversingLabs identified close to 11,200 unique malicious packages across three major open-source software platforms in 2023: npm, PyPI, and RubyGems. These findings mark an astounding 1,300% increase in malicious packages from 2020 and an increase of … Continue reading Software supply chain attacks are getting easier

DigiCert and ReversingLabs partner to advance software supply chain security

DigiCert has partnered with ReversingLabs to enhance software security by combining advanced binary analysis and threat detection from ReversingLabs with DigiCert’s enterprise-grade secure code signing solution. DigiCert customers will benefit fr… Continue reading DigiCert and ReversingLabs partner to advance software supply chain security

Infosec products of the month: March 2023

Here’s a look at the most interesting products from the past month, featuring releases from: 1Password, Appdome, Atakama, BreachLock, Elevate Security, Fastly, Forescout, ForgeRock, GrammaTech, HackNotice, Hornetsecurity, HYPR, Kensington, LOKKER, Mana… Continue reading Infosec products of the month: March 2023

New infosec products of the week: March 17, 2023

Here’s a look at the most interesting products from the past week, featuring releases from Atakama, Elevate Security, Hornetsecurity, HYPR, and ReversingLabs. Hornetsecurity VM Backup V9 protects users against ransomware threats VM Backup V9 has an eas… Continue reading New infosec products of the week: March 17, 2023

Photos: Black Hat USA 2022

Here’s a photo gallery that provides a look inside Black Hat USA 2022. For our complete coverage of the conference, live from Las Vegas, check out our microsite. Bayside Ballroom Foyer Sophos BlackBerry, Palo Alto Networks, AT&T Cybersecurit… Continue reading Photos: Black Hat USA 2022

Black Hat USA 2022 video walkthrough

In this Help Net Security video, we take you inside Black Hat USA 2022 at the Mandalay Bay Convention Center in Las Vegas. The video features the following vendors: Abnormal Security, Adaptive Shield, Airgap, Akamai, Anomali, Arctic Wolf Networks, Aris… Continue reading Black Hat USA 2022 video walkthrough