InfoWorld

Large language models hallucinating non-existent developer packages could fuel supply chain attacks

Large Language Models (LLMs) have a serious “package hallucination” problem that could lead to a wave of maliciously-coded packages in the supply chain, researchers have discovered in one of the ...
CoinTelegraph

5 Python libraries to interpret machine learning models

Python libraries that can interpret and explain machine learning models provide valuable insights into their predictions and ensure transparency in AI applications. A Python library is a collection of ...
CSOonline

Poisoned models in fake Alibaba SDKs show challenges of securing AI supply chains

Fake Alibaba Labs AI SDKs hosted on PyPI included PyTorch models with infostealer code inside. With support for detecting malicious code inside ML models lacking, expect the technique to spread.
Bleeping Computer

Ten Malicious Libraries Found on PyPI - Python Package Index

The Slovak National Security Office (NBU) has identified ten malicious Python libraries uploaded on PyPI — Python Package Index — the official third-party software repository for the Python ...