Cybersecurity researchers have uncovered two malicious machine learning (ML) models on Hugging Face that leveraged an unusual technique of "broken" pickle files to evade detection.
"The pickle files extracted from the mentioned PyTorch archives revealed the malicious Python content at the beginning of the file," ReversingLabs researcher Karlo Zanki said in a report shared with The Hacker News.
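The detail that matters for defenders is the ordering: in a pickle stream, a `GLOBAL`/`STACK_GLOBAL` import followed by `REDUCE` executes as soon as the unpickler reaches it, so a payload placed at the front of the file runs before any later corruption makes `pickle.load` fail. A scanner that only declares a file "malformed" and stops looking misses exactly this case. The example below is added here and is not ReversingLabs' tooling or Hugging Face's scanner; it walks the opcode stream with `pickletools.genops` without ever unpickling, records every module a stream would import, flags imports outside a small allowlist (the allowlist and the two sample streams are constructed for this example), and reports a stream that breaks before its `STOP` opcode as suspicious rather than as harmless noise. The hand-assembled sample imports `os.getcwd`, a harmless stand-in for the kind of out-of-allowlist call the scanner is meant to surface.

```python
import pickle
import pickletools
from collections import OrderedDict

# Modules a benign PyTorch weight file legitimately imports while unpickling.
# Assumption for this example: a deliberately conservative allowlist; anything
# else the stream tries to import is reported.
ALLOWED_MODULES = {
    "collections", "torch", "torch._utils",
    "numpy", "numpy.core.multiarray", "_codecs",
}


def scan_pickle(data: bytes) -> dict:
    """Walk the opcode stream with pickletools.genops, never executing it.

    Returns a dict with:
      globals   - every (module, name) pair the stream would import
      flagged   - the subset whose module is outside ALLOWED_MODULES
      truncated - True if the stream ends or breaks before a STOP opcode,
                  which is what a 'broken' pickle looks like after its
                  payload has already run earlier in the stream
    """
    found, recent_strings = [], []
    truncated = True  # flipped to False only when a STOP opcode is seen
    try:
        for op, arg, _pos in pickletools.genops(data):
            if op.name in ("GLOBAL", "INST"):
                # protocol <= 3: argument is "module name" as one string
                module, name = arg.split(" ", 1)
                found.append((module, name))
            elif op.name == "STACK_GLOBAL":
                # protocol 4+: module and name are the two strings pushed before it
                if len(recent_strings) >= 2:
                    found.append((recent_strings[-2], recent_strings[-1]))
            elif "UNICODE" in op.name or "STRING" in op.name:
                recent_strings.append(arg)
            if op.name == "STOP":
                truncated = False
    except ValueError:
        # unknown opcode, short argument, or stream exhausted: the file is broken,
        # but everything recorded before the break still counts
        pass
    flagged = [g for g in found if g[0] not in ALLOWED_MODULES]
    return {"globals": found, "flagged": flagged, "truncated": truncated}


# Constructed sample 1: a benign OrderedDict, the container a state_dict uses.
BENIGN = pickle.dumps(OrderedDict(weight=[0.1, 0.2]), protocol=4)

# Constructed sample 2: a hand-assembled protocol-4 stream that imports
# os.getcwd (harmless here, but outside the allowlist) and calls it via REDUCE,
# then ends without a STOP opcode. The call sits at the front of the file,
# before the point where an unpickler would give up.
BROKEN = (
    b"\x80\x04"          # PROTO 4
    b"\x8c\x02os"        # SHORT_BINUNICODE 'os'
    b"\x8c\x06getcwd"    # SHORT_BINUNICODE 'getcwd'
    b"\x93"              # STACK_GLOBAL   -> os.getcwd
    b")"                 # EMPTY_TUPLE
    b"R"                 # REDUCE         -> os.getcwd()
    # no STOP: the stream is deliberately cut off here
)


def verdict(data: bytes) -> str:
    """'SUSPICIOUS' if any import is outside the allowlist or the stream is broken."""
    result = scan_pickle(data)
    return "SUSPICIOUS" if result["flagged"] or result["truncated"] else "ok"


if __name__ == "__main__":
    for label, blob in (("benign", BENIGN), ("broken", BROKEN)):
        r = scan_pickle(blob)
        print(f"{label}: {verdict(blob)} imports={r['globals']} "
              f"flagged={r['flagged']} truncated={r['truncated']}")
```

Because the scan never calls `pickle.load`, it is safe to run on untrusted files, and a break in the stream is treated as evidence to keep, not as a reason to stop: the imports recorded before the `ValueError` are the ones that would already have executed. For production use, tools built on the same opcode-walking idea also track `REDUCE`, `BUILD` and `NEWOBJ` targets rather than imports alone.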