August 19, 2024
Wiz researchers hacked into leading AI infrastructure providers
techtarget
Contributed by: Drex DeFord
Summary
Wiz researchers have identified serious security vulnerabilities in AI infrastructure platforms including Hugging Face, Replicate, and SAP AI Core that could have allowed attackers to access other customers' sensitive data. At Black Hat USA 2024, researchers Hillai Ben-Sasson and Sagi Tzadik showed how they breached these platforms by uploading malicious models and then using container escape techniques to cross tenant boundaries. They concluded that the containerization in use was not sufficient on its own to isolate one tenant's data from another's. The providers were responsive in fixing the reported issues, but the researchers stressed the need for stronger sandboxing and isolation standards. More broadly, the rush to adopt AI often overlooks security: organizations pull in numerous tools and open-source resources without proper security validation, and each of those is additional attack surface.
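The summary above says the researchers got in with "malicious models" but does not say what made a model malicious. The example below is added here and is not code from the article or from the Wiz research; it assumes the model is a Python pickle, the usual mechanism behind this class of attack, and shows why loading one is arbitrary code execution and what a pre-load check looks like. All function names (build_malicious_model_bytes, scan_pickle, load_restricted, attacker_hook) and the sample blobs are constructed for the example.

```python
# Added example (not from the TechTarget article or the Wiz research).
# Assumption: the "malicious model" is a Python pickle; the article does not
# name the serialization format.
import io
import pickle
import pickletools

EXECUTED = []  # records that the embedded payload actually ran


def attacker_hook(marker):
    """Constructed stand-in for attacker code. A real payload would call
    something like os.system; this one only records that it was invoked."""
    EXECUTED.append(marker)
    return marker


class UntrustedModel:
    """Constructed: an object whose unpickling calls attacker_hook.
    pickle serializes __reduce__'s (callable, args) and calls it on load."""

    def __reduce__(self):
        return (attacker_hook, ("payload ran",))


def build_malicious_model_bytes():
    """Constructed sample input: a model blob with an embedded payload."""
    return pickle.dumps({"weights": [0.1, 0.2], "meta": UntrustedModel()})


def build_benign_model_bytes():
    """Constructed sample input: plain data only, no globals, no calls."""
    return pickle.dumps({"weights": [0.1, 0.2], "meta": {"name": "demo"}})


def load_unsafely(data):
    """What a naive loader does: pickle.loads runs whatever the blob asks for."""
    return pickle.loads(data)


STRING_OPS = {"SHORT_BINUNICODE", "BINUNICODE", "BINUNICODE8", "UNICODE",
              "STRING", "SHORT_BINSTRING", "BINSTRING"}
CALL_OPS = {"REDUCE", "INST", "OBJ", "NEWOBJ", "NEWOBJ_EX"}


def scan_pickle(data):
    """Static scan of the opcode stream, without executing it.

    Returns (offset, opcode, target) for every global import and every
    opcode that calls one. GLOBAL carries "module name" inline;
    STACK_GLOBAL (protocol 4+) takes them from the two preceding strings.
    A blob of plain dicts/lists/floats yields no findings at all."""
    findings = []
    recent_strings = []
    for op, arg, pos in pickletools.genops(data):
        if op.name in STRING_OPS:
            recent_strings = (recent_strings + [arg])[-2:]
        elif op.name == "GLOBAL":
            findings.append((pos, "GLOBAL", arg.replace(" ", ".")))
        elif op.name == "STACK_GLOBAL":
            findings.append((pos, "STACK_GLOBAL", ".".join(recent_strings)))
        elif op.name in CALL_OPS:
            findings.append((pos, op.name, None))
    return findings


class RestrictedUnpickler(pickle.Unpickler):
    """Allowlist loader: every global the stream imports must be listed."""

    def __init__(self, file, allowed):
        super().__init__(file)
        self.allowed = allowed

    def find_class(self, module, name):
        if (module, name) in self.allowed:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"blocked global {module}.{name}")


def load_restricted(data, allowed=frozenset()):
    """Load with the allowlist; raises UnpicklingError on any other global."""
    return RestrictedUnpickler(io.BytesIO(data), allowed).load()


def restricted_load_accepts(data, allowed=frozenset()):
    """True if the blob loads under the allowlist, False if it was refused."""
    try:
        load_restricted(data, allowed)
        return True
    except pickle.UnpicklingError:
        return False


if __name__ == "__main__":
    blob = build_malicious_model_bytes()
    for pos, opcode, target in scan_pickle(blob):
        print(f"offset {pos}: {opcode} {target or ''}")
    print("restricted load accepted:", restricted_load_accepts(blob))
```

Real models serialized with numpy or torch legitimately import globals such as numpy._reconstruct, so the allowlist has to be built from what a known-good model of the same framework needs rather than left empty; the scan is the triage step, the allowlist is the gate. Weight-only formats that carry no executable opcodes remove the problem at the source, and none of this replaces the sandboxing the researchers called for, since it only covers one way in.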