Popular Python libraries used in Hugging Face models subject to poisoned metadata attack

The open-source libraries were created by Salesforce, Nvidia, and Apple with a Swiss group Vulnerabilities in popular AI and ...
腾讯网

OPIK:一个开源的自动提示词优化框架

点击上方“Deephub Imba”,关注公众号,好文章不错过 !大语言模型发展到今天,写提示词不仅是个体力活,还是一个技术活。提示词的措辞稍微改一下,性能波动 20-50% 是常有的事。那能不能让 LLM 自己改进提示词呢?本文主要讲的就是这个,一个处理复杂推理任务的 Agent,经过几轮自动迭代,准确率从 34% 飙到 97%相对提升 ...
CNX Software

Raspberry Pi AI HAT+ 2 review – A 40 TOPS AI accelerator tested with Computer Vision, LLM ...

Raspberry Pi sent me a sample of their AI HAT+ 2 generative AI accelerator based on Hailo-10H for review. The 40 TOPS AI ...
The Hacker News

ThreatsDay Bulletin: AI Voice Cloning Exploit, Wi-Fi Kill Switch, PLC Vulns, and 14 More ...

This week's stories show how fast attackers change their tricks, how small mistakes turn into big risks, and how the same old ...
DataBreachToday

Flaw in AI Libraries Exposes Models to Remote Code Execution

Researchers discovered remote code execution vulnerabilities in three AI libraries from Apple, Salesforce and Nvidia used by ...

“MFA已过时?”Tycoon 2FA钓鱼套件掀起会话劫持风暴,全球超6万账户沦陷

2025年10月,一家位于波士顿的医疗科技公司遭遇一场“教科书式”的网络攻击。攻击者并未暴力破解密码,也没有利用零日漏洞,而是通过一封看似普通的会议邀请邮件,附带一个名为“Q3_Investor_Briefing.html”的附件。财务总监Sarah点击后,浏览器跳转至一个与Microsoft 365登录页几乎无法区分的页面。她输入账号密码,随后手机收到一条来自微软的验证码短信——她照常输入。 几 ...

当“图片”会执行代码:SVG钓鱼载荷引爆新型供应链攻击,Amatera窃密 ...

2025年秋,欧洲多家中小企业财务人员陆续收到一封看似普通的邮件:“附件为贵司最新账单,请查收。”随信附带一个名为 invoice_OCT2025.svg 的文件。用户双击打开后,屏幕上只显示一张简洁的矢量发票图——毫无异常。