# serialization

6 artikelengetagd met “serialization”

Model Serialization Attacks

Pickle, SafeTensors, and ONNX deserialization attacks targeting ML model files for arbitrary code execution.

infrastructureserializationpicklesupply-chaincode-execution

Model Supply Chain Risks

Attack vectors in the AI model supply chain, including malicious model files, pickle exploits, compromised model registries, and dependency vulnerabilities.

supply-chainpicklemodel-fileshuggingfaceserialization

Gemiddeld

AI Supply Chain Exploitation

Methodologie voor het uitbuiten van de AI/ML-supply-chain: RCE via modelserialisatie, dependency confusion, datasetvergiftiging, CI/CD-injectie en container escape.

supply-chainpickleserializationrcedependency-confusioncicdcontainer-escapehuggingface

Expert

Pickle Deserialization Exploits

Technische methodologie voor het samenstellen van pickle-payloads, het omzeilen van safetensors en modelondertekening, en het uitbuiten van ML-modeldeserialisatie over frameworks heen.

pickledeserializationrcesafetensorsmodel-signingpytorchserialization

Expert

Aanvallen op modelcheckpoints en -herstel

Kwetsbaarheden in checkpointbestandsformaten, modificatie-aanvallen op safetensors- en PyTorch-formaten, checkpointvergiftiging, opslagbeveiliging en supply-chain-implicaties.

checkpointsafetensorspytorchmodel-weightssupply-chainpickleserialization

Gevorderd

RCE via modelserialisatie

Remote code execution through malicious model files using pickle deserialization, safetensors manipulation, and other model serialization format vulnerabilities.

infrastructurerceserializationpicklesupply-chainsecurity

Expert