Exposed Hugging Face APIs Opened AI Models to Cyberattacks

Leaked API tokens found in both Hugging Face and GitHub repositories, almost 1,700 of them, opened AI developers up to supply chain and other attacks and put a brighter spotlight on the need to ensure that security keeps pace with the accelerating innovation in AI and large language models.
In a report published today, researchers with startup Lasso Security said they found more than 1,500 exposed API tokens on the Hugging Face platform, essentially GitHub for the AI set, that allowed them to access the accounts of 723 organizations, including Microsoft, Google, Meta, and VMware.
Among those accounts, 655 users' tokens had write permissions, 77 of them to different organizations, granting the researchers full control of the repositories of prominent companies.
Beyond the supply chain threat the exposed tokens represented, they also opened up the possibility of bad actors poisoning training data.
Lasso researchers obtained access to 14 datasets that see hundreds of thousands of downloads a month.
The researchers could have stolen more than 10,000 private AI models that were linked to more than 2,500 datasets.
Bar Lanyado, the Lasso Security researcher who wrote the report, told Security Boulevard that he expected the company's research would turn up some vulnerabilities, but the results surprised him.
"We were able to access nearly all of the top technology companies' tokens, and gain full control over some of them," he said.
Major companies like Meta, Microsoft, and Google take pride in their security capabilities but still were unaware of the significant third-party risk, he added.
"This awareness ensures that these technological strides align with the company's business [and] also security objectives," he said.
Lasso focuses on cybersecurity for LLMs. A key Hugging Face asset is its open-source Transformers library, Lanyado wrote, which holds more than 500,000 AI models and 250,000 datasets, including the Meta-Llama, Bloom, and Pythia models.
The researchers ran into some roadblocks when they started searching for tokens in both Hugging Face and GitHub, but were able to dig deeper through increasingly detailed searches.
They then used the Hugging Face whoami API to verify that each token was valid and to retrieve the token's user, that user's email, organization memberships, and permissions, along with the token's own permissions and privileges, Lanyado wrote.
Hugging Face had announced that org_api tokens were deprecated and had blocked them in its Python library.
While writes with those tokens no longer worked, in some instances reads still did, and the researchers were able to download private models with an exposed org_api token, as in Microsoft's case.
Lasso contacted Hugging Face and all the organizations and users involved after completing the research.
Hugging Face fixed the org_api token issue, while many of the companies, including Meta, Google, Microsoft, and VMware, revoked the exposed tokens and removed them from their public code.
Lanyado also said developers should understand that Hugging Face and similar platforms aren't secure enough on their own, so responsibility for security falls on developers and other users.
They also shouldn't work with hard-coded tokens; otherwise every commit has to be checked to make sure no tokens or other sensitive information is pushed to repositories.
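The two practices described above, checking each found token with the whoami API and keeping hard-coded tokens out of commits, as an added Python example. This is not Lasso Security's or Hugging Face's code. It assumes that Hugging Face user tokens look like hf_ followed by 34 alphanumerics and legacy org tokens like api_org_ followed by 34 alphanumerics, and that GET https://huggingface.co/api/whoami-v2 with a Bearer token returns JSON carrying name, email, orgs and auth.accessToken.role; the diff and the whoami response embedded below are constructed, not real leaks.

```python
"""Scan commits for Hugging Face tokens and triage any hits via whoami.

Added example, not Lasso Security's or Hugging Face's code. Assumptions
(not stated in the article): user tokens look like hf_<34 alphanumerics>
and legacy org tokens like api_org_<34 alphanumerics>; the endpoint
https://huggingface.co/api/whoami-v2, called with a Bearer token, returns
JSON carrying "name", "email", "orgs" and "auth.accessToken.role".
"""
import json
import re
import subprocess
import urllib.error
import urllib.request

# Assumed token shapes; a production scanner would add entropy checks.
TOKEN_RE = re.compile(r"\b(?:hf_|api_org_)[A-Za-z0-9]{34}\b")
WHOAMI_URL = "https://huggingface.co/api/whoami-v2"


def added_lines(diff_text: str) -> str:
    """Keep only the '+' lines of a unified diff (the content being committed)."""
    keep = [ln[1:] for ln in diff_text.splitlines()
            if ln.startswith("+") and not ln.startswith("+++")]
    return "\n".join(keep)


def staged_diff() -> str:
    """Added lines of what 'git commit' is about to record (pre-commit hook use)."""
    out = subprocess.run(["git", "diff", "--cached", "-U0"],
                         capture_output=True, text=True, check=True).stdout
    return added_lines(out)


def find_tokens(text: str) -> list[tuple[int, str]]:
    """Return (line_number, token) for every token-shaped string in text."""
    return [(n, m.group(0))
            for n, line in enumerate(text.splitlines(), start=1)
            for m in TOKEN_RE.finditer(line)]


def redact(token: str) -> str:
    """Prefix plus last four characters, so a report does not re-leak the secret."""
    head = "api_org_" if token.startswith("api_org_") else "hf_"
    return f"{head}...{token[-4:]}"


def http_get_json(url: str, token: str) -> dict:
    """Real network call; only use it on tokens you are authorized to test."""
    req = urllib.request.Request(url, headers={"Authorization": f"Bearer {token}"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


def triage(token: str, fetch=http_get_json) -> dict:
    """Validate a token with whoami and summarise its blast radius.

    Mirrors the check the article describes: is the token live, whose is it,
    which organizations does it reach, and can it write (i.e. push a model)?
    """
    try:
        info = fetch(WHOAMI_URL, token)
    except urllib.error.HTTPError as err:
        if err.code == 401:          # revoked or never valid
            return {"valid": False}
        raise
    role = info.get("auth", {}).get("accessToken", {}).get("role", "unknown")
    return {
        "valid": True,
        "user": info.get("name"),
        "email": info.get("email"),
        "orgs": [o.get("name") for o in info.get("orgs", [])],
        "role": role,
        "can_write": role == "write",   # a write token is a supply-chain foothold
    }


# ---- constructed sample data (fabricated tokens, not real leaks) ----
SAMPLE_DIFF = """\
diff --git a/config.py b/config.py
--- a/config.py
+++ b/config.py
@@ -0,0 +1,5 @@
+import os
+HF_TOKEN = "hf_AbCdEfGhIjKlMnOpQrStUvWxYz01234567"   # hard-coded: will leak
+ORG_TOKEN = "api_org_ZyXwVuTsRqPoNmLkJiHgFeDcBa76543210"
+safe = os.environ["HF_TOKEN"]   # read from the environment instead
+note = "hf_short is not a token"
"""
LIVE_TOKEN = "hf_AbCdEfGhIjKlMnOpQrStUvWxYz01234567"
FAKE_WHOAMI = {   # response shape assumed for whoami-v2
    "type": "user", "name": "example-user", "email": "dev@example.com",
    "orgs": [{"name": "example-org", "roleInOrg": "write"}],
    "auth": {"type": "access_token",
             "accessToken": {"displayName": "ci", "role": "write"}},
}


def fake_fetch(url: str, token: str) -> dict:
    """Offline stand-in for http_get_json: one live token, everything else 401."""
    if token == LIVE_TOKEN:
        return FAKE_WHOAMI
    raise urllib.error.HTTPError(url, 401, "Unauthorized", None, None)


if __name__ == "__main__":
    for lineno, tok in find_tokens(added_lines(SAMPLE_DIFF)):
        print(f"line {lineno}: {redact(tok)} -> {triage(tok, fetch=fake_fetch)}")
```

To use it as a guard, call find_tokens(staged_diff()) from a .git/hooks/pre-commit script and exit non-zero on any hit; that is the per-commit check the article says hard-coded tokens would otherwise force on you. Run triage with the real fetcher only against tokens your own organization issued: calling whoami with a token you found in someone else's repository is authenticating with a stolen credential, which is why this example ships with an offline stand-in.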
Lanyado pointed to other reports about security problems with AI, including Nvidia discovering three flaws in LangChain chains and Rezilion finding dangerous workflow patterns in the LLM open-source ecosystem.


This Cyber News was published on securityboulevard.com. Publication date: Mon, 04 Dec 2023 19:13:16 +0000


Cyber News related to Exposed Hugging Face APIs Opened AI Models to Cyberattacks

Hugging Face dodged a cyber-bullet with Lasso Security's help - Further validating how brittle the security of generative AI models and their platforms are, Lasso Security helped Hugging Face dodge a potentially devastating attack by discovering that 1,681 API tokens were at risk of being compromised. The tokens ...
6 months ago Venturebeat.com
Meta AI Models Cracked Open With Exposed API Tokens - Researchers recently were able to get full read and write access to Meta's Bloom, Meta-Llama, and Pythia large language model repositories in a troubling demonstration of the supply chain risks to organizations using these repositories to integrate ...
6 months ago Darkreading.com
Exposed Hugging Face API tokens jeopardized GenAI models - Lasso Security researchers discovered 1,681 Hugging Face API tokens exposed in code repositories, which left vendors such as Google, Meta, Microsoft and VMware open to potential supply chain attacks. In a blog post published Monday, Lasso Security ...
6 months ago Techtarget.com
Hugging Face API tokens exposed, major projects vulnerable (The Register) - The API tokens of tech giants Meta, Microsoft, Google, VMware, and more have been found exposed on Hugging Face, opening them up to potential supply chain attacks. Researchers at Lasso Security found more than 1,500 exposed API tokens on the open ...
6 months ago Go.theregister.com
In the rush to build AI apps, don't leave security behind (The Register) - There are countless models, libraries, algorithms, pre-built tools, and packages to play with, and progress is relentless. You'll typically glue together libraries, packages, training data, models, and custom source code to perform inference tasks. ...
3 months ago Go.theregister.com
Major Organizations Using 'Hugging Face' AI Tools Put at Risk by Leaked API Tokens - AI cybersecurity startup Lasso has discovered more than 1,600 valid Hugging Face API tokens exposed in code repositories, providing access to hundreds of organizations' accounts. Leaked secrets, such as tokens, have long been the focus of ...
6 months ago Securityweek.com
AI platform Hugging Face says hackers stole auth tokens from Spaces - AI platform Hugging Face says that its Spaces platform was breached, allowing hackers to access authentication secrets for its members. Hugging Face Spaces is a repository of AI apps created and submitted by the community's users, allowing other ...
1 month ago Bleepingcomputer.com
Zombie APIs: The Scariest Threat Lurking in The Shadows? - Designed to rapidly and seamlessly connect consumers and businesses to vital data and services, APIs power modern enterprises and applications. APIs are constantly in action, working in the background for when consumers finally book that dream ...
5 months ago Cyberdefensemagazine.com
ML Model Repositories: The Next Big Supply Chain Attack Target - The techniques are similar to ones that attackers have successfully used for years to upload malware to open source code repositories, and highlight the need for organizations to implement controls for thoroughly inspecting ML models before use. ...
3 months ago Darkreading.com
Protect AI Unveils Gateway to Secure AI Models - Protect AI today launched a Guardian gateway that enables organizations to enforce security policies to prevent malicious code from executing within an artificial intelligence model. Guardian is based on ModelScan, an open source tool from Protect AI ...
5 months ago Securityboulevard.com
Cybersecurity challenges emerge in the wake of API expansion - As the technological landscape increasingly integrates AI, Cindric anticipates a profound impact on the evolution of APIs, emphasizing the growing importance of API security, authentication, and the challenges posed by zombie endpoints. Your recent ...
5 months ago Helpnetsecurity.com
Unified API Protection - A massive segment of organizations' digital footprint today is built around internal and external APIs. As more IT leaders realize and acknowledge the size of APIs' influence, it's become clear that new methods are needed to secure those APIs. While ...
1 year ago Cequence.ai
Securing AI: Navigating the Complex Landscape of Models, Fine-Tuning, and RAG - It underscores the urgent need for robust security measures and proper monitoring in developing, fine-tuning, and deploying AI models. The emergence of advanced models, like Generative Pre-trained Transformer 4, marks a new era in the AI landscape. ...
6 months ago Feedpress.me
Beware of OpenAI and ChatGPT-4 Turbo in Financial Services Organizations' Growing API Attack Surface - With every new API integration that OpenAI gets access to, the attack surface of a financial organization grows, creating new opportunities for attackers to exploit vulnerabilities and gain access to sensitive customer and financial data. APIs have ...
4 months ago Cybersecurity-insiders.com
10 Ways a Digital Shield Protects Apps and APIs - While far from perfect, this approach provided multilayer security defenses to protect apps and APIs. As network architectures gradually became more complex, so did protecting apps and APIs. The on-premises enterprise environment gave way to a hybrid ...
1 month ago Darkreading.com
