New Attack Technique ‘Sleepy Pickle’ Targets Machine Learning Models

The security risks posed by the Pickle format have once again come to the fore with the discovery of a new "hybrid machine learning (ML) model exploitation technique" dubbed Sleepy Pickle.
The attack method, per Trail of Bits, weaponizes the ubiquitous format used to package and distribute machine learning (ML) models to corrupt the model itself, posing a severe supply chain risk to an
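The reason a pickled model file can carry an attack at all is that pickle is a small bytecode for a stack machine, and several of its opcodes (GLOBAL, STACK_GLOBAL, REDUCE, NEWOBJ and friends) import and call Python objects while the file is being loaded. A pure-data model needs none of them. The following is an added example, not Trail of Bits' code or code from any of the projects mentioned: it disassembles a pickle with `pickletools.genops` without executing it and flags those opcodes, and it shows an allowlisting `Unpickler.find_class` override that refuses any import not explicitly permitted. The allowlist (`collections.OrderedDict`) and the sample pickles are constructed for the demonstration.

```python
"""Static scan plus allowlisted loading for pickle-based ML model files.

Added example for illustration; not code from Trail of Bits or any project.
"""
import io
import pickle
import pickletools
from collections import Counter, OrderedDict

# Opcodes that make the unpickler import or call something at load time.
# A model file that is pure data (tensors, lists, dicts) needs none of them.
CODE_OPCODES = {"GLOBAL", "STACK_GLOBAL", "REDUCE", "INST", "OBJ", "NEWOBJ", "NEWOBJ_EX"}

# Opcodes that push a str; STACK_GLOBAL consumes the two most recent ones
# as (module, qualname), so we track them to report what is being imported.
STRING_OPCODES = {"SHORT_BINUNICODE", "BINUNICODE", "BINUNICODE8", "UNICODE",
                  "STRING", "BINSTRING", "SHORT_BINSTRING"}

# Constructed allowlist: the only global this loader is willing to resolve.
ALLOWED_GLOBALS = {("collections", "OrderedDict")}


def scan_pickle(data: bytes) -> list:
    """Disassemble without executing and return (opcode, detail) findings.

    detail is the 'module.name' being imported for GLOBAL/STACK_GLOBAL and
    an empty string for the call/construct opcodes.
    """
    findings = []
    recent_strings = []
    for op, arg, _pos in pickletools.genops(data):
        if op.name in STRING_OPCODES:
            recent_strings = (recent_strings + [str(arg)])[-2:]
        if op.name == "GLOBAL":
            # pickletools reports the argument as "module name"
            findings.append((op.name, arg.replace(" ", ".")))
        elif op.name == "STACK_GLOBAL":
            findings.append((op.name, ".".join(recent_strings)))
        elif op.name in CODE_OPCODES:
            findings.append((op.name, ""))
    return findings


class RestrictedUnpickler(pickle.Unpickler):
    """Resolve only allowlisted (module, name) pairs; refuse everything else."""

    def find_class(self, module, name):
        if (module, name) in ALLOWED_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"blocked global {module}.{name}")


def try_safe_load(data: bytes) -> tuple:
    """Load through the restricted unpickler; return ('ok', obj) or ('blocked', reason)."""
    try:
        return ("ok", RestrictedUnpickler(io.BytesIO(data)).load())
    except pickle.UnpicklingError as exc:
        return ("blocked", str(exc))


def sample_pickles() -> dict:
    """Constructed, benign samples standing in for model files of varying shape."""
    return {
        # pure data: no imports, no calls
        "plain": pickle.dumps({"weights": [0.1, 0.2, 0.3], "bias": 0.01}),
        # legitimate object that still requires an import + call to rebuild
        "ordered": pickle.dumps(OrderedDict(layer1=1, layer2=2)),
        # another stdlib object, deliberately left off the allowlist
        "counter": pickle.dumps(Counter(tokens=3)),
    }


if __name__ == "__main__":
    for label, blob in sample_pickles().items():
        print(label, "scan:", scan_pickle(blob), "load:", try_safe_load(blob)[0])
```

The scanner is the pre-load check: a file that should be plain tensors but reports any GLOBAL, STACK_GLOBAL or REDUCE is worth quarantining before anything deserializes it. The restricted unpickler is the defence at load time, and the `Counter` sample shows the intended behaviour: even a harmless stdlib type is refused when it is not on the allowlist, which is what makes the allowlist meaningful.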