Popular Python AI library hacked to deliver malware




  • A PyPI package for an AI model was compromised and used to deliver malware
  • Victims were getting XMRig, a popular cryptominer, installed
  • The attack has since been addressed, but users warned to be on their guard

Ultralytics YOLO11, an AI model for computer vision and object detection, was compromised in an apparent supply chain attack, and used to deploy malware on victim devices.

The attack was confirmed by the company’s founder, who also said the incident was remedied, and the malicious version pulled – however, it seems that new malicious versions have popped up again.



Source link

Leave a Reply

Your email address will not be published. Required fields are marked *