News
Now that the dust has started to settle, it’s a good time to consider the three big takeaways from the Ultralytics AI library hack. Python’s own supply chain wasn’t the point of compromise ...
Attackers have compromised Ultralytics YOLO packages published on PyPI, the official Python package index, by compromising the build environment of the popular library for creating custom machine ...
Hosted on MSN6mon
Popular Python AI library hacked to deliver malwareAs an open source solution, YOLO11 was also available for download on PyPI, one of the world’s biggest Python package repositories ... is difficult to trace. Ultralytics founder and CEO Glenn ...
The popular Ultralytics YOLO11 AI model was compromised in a supply chain attack to deploy cryptominers on devices running versions 8.3.41 and 8.3.42 from the Python Package Index (PyPI ...
ReversingLabs researchers traced the issue to a breach of the library’s build environment, which was exploited through a known GitHub Actions script injection vulnerability. On December 4, version 8.3 ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback