https://community.isc2.org/t5/Threats/AI-as-a-Service-Providers-Vulnerable-to-PrivEsc-and-Cross-Tenant/m-p/69252#M1164 <P>Hi All</P><P>&nbsp;</P><P>New research has found that artificial intelligence (AI)-as-a-service providers such as Hugging Face are susceptible to two critical risks that could allow threat actors to escalate privileges, gain cross-tenant access to other customers' models, and even take over the continuous integration and continuous deployment (CI/CD) pipelines.</P><P>&nbsp;</P><P><A href="https://thehackernews.com/2024/04/ai-as-service-providers-vulnerable-to.html" target="_blank">https://thehackernews.com/2024/04/ai-as-service-providers-vulnerable-to.html</A></P><P>&nbsp;</P><P>Regards</P><P>&nbsp;</P><P>Caute_Cautim</P> Sun, 07 Apr 2024 22:07:28 GMT Caute_cautim 2024-04-07T22:07:28Z https://community.isc2.org/t5/Threats/AI-as-a-Service-Providers-Vulnerable-to-PrivEsc-and-Cross-Tenant/m-p/69252#M1164 <P>Hi All</P><P>&nbsp;</P><P>New research has found that artificial intelligence (AI)-as-a-service providers such as Hugging Face are susceptible to two critical risks that could allow threat actors to escalate privileges, gain cross-tenant access to other customers' models, and even take over the continuous integration and continuous deployment (CI/CD) pipelines.</P><P>&nbsp;</P><P><A href="https://thehackernews.com/2024/04/ai-as-service-providers-vulnerable-to.html" target="_blank">https://thehackernews.com/2024/04/ai-as-service-providers-vulnerable-to.html</A></P><P>&nbsp;</P><P>Regards</P><P>&nbsp;</P><P>Caute_Cautim</P> Sun, 07 Apr 2024 22:07:28 GMT https://community.isc2.org/t5/Threats/AI-as-a-Service-Providers-Vulnerable-to-PrivEsc-and-Cross-Tenant/m-p/69252#M1164 Caute_cautim 2024-04-07T22:07:28Z