HiddenLayer

Computer and Network Security

Austin, TX 21,652 followers

Total AI Security

About us

HiddenLayer, a Gartner-recognized Cool Vendor for AI Security, is the leading provider of Security for AI. Its AISec Platform unifies supply chain security, runtime defense, posture management, and automated red teaming to protect agentic, generative and predictive AI applications. The platform enables organizations across the private and public sectors to reduce risk, ensure compliance, and adopt AI with confidence. Founded by a team of cybersecurity and machine learning veterans, HiddenLayer combines patented technology with industry-leading research to defend against prompt injection, adversarial manipulation, model theft, and supply chain compromise. The company is backed by strategic investors including M12 (Microsoft’s Venture Fund), Moore Strategic Ventures, Booz Allen Ventures, IBM Ventures, and Capital One Ventures.

Industry
Computer and Network Security
Company size
51-200 employees
Headquarters
Austin, TX
Type
Privately Held
Founded
2022
Specialties
Security for AI, Cyber Security, Gen AI Security, Adversarial ML Training, AI Detection & Response, Prompt Injection Security, PII Leakage Protection, Model Tampering Protection, Data Poisoning Security, AI Model Scanning, AI Threat Research, and AI Red Teaming

Updates

  • As AI systems evolve from tools that assist decisions to systems capable of autonomous action, governance models must evolve too. Many governance approaches were created for predictable systems with humans in the loop, not autonomous AI systems operating at a scale and speed humans can’t easily monitor in real time.

    Join expert panelists John Smith, Malcolm Harkins, Gary McAlum, and Juan Gomez-Sanchez for a discussion on how organizations can operationalize AI governance by connecting: Risk → Decisions → Controls → Runtime Behavior.

    In this webinar, we’ll cover:
    • Why traditional governance approaches break down in AI environments
    • Common gaps in current AI governance strategies
    • Where organizations may be over- or under-investing
    • Practical approaches to evaluating AI trust and security posture
    • How to connect governance frameworks to runtime security controls

    📅 Wednesday, June 10 | ⏰ 12 PM ET
    Register here: https://lnkd.in/gdJR9r3j

    #AISecurity #AIGovernance #Cybersecurity #AgenticAI #AI #RiskManagement

  • Tokenizers are among the most overlooked yet critical components of Large Language Models. Before an LLM can understand a prompt, it has to convert text into tokens. But what happens when attackers exploit that process itself?

    In our latest blog, we break down how adversaries are weaponizing tokenization techniques to manipulate AI systems, evade safeguards, and bypass prompt injection defenses through methods like:
    • Glitch tokens
    • Invisible Unicode attacks
    • TokenBreak attacks

    As organizations continue integrating AI into critical workflows, attackers are increasingly targeting the foundational components that power LLM behavior, not just the models themselves.

    Read the full blog here: https://lnkd.in/gyjsYzST

    #AI #AISecurity #Cybersecurity #LLM #GenerativeAI #PromptInjection #MachineLearning #SecurityResearch

  • A critical vulnerability in ChromaDB’s Python FastAPI server can allow unauthenticated remote code execution through attacker-controlled model loading. In our latest research, we show how CVE-2026-45829 allows attackers to execute arbitrary code before authentication checks occur, potentially exposing environment variables, secrets, and stored data.

    The issue stems from two compounding flaws:
    • Trusting user-controlled model references and kwargs
    • Executing model-loading logic before authentication enforcement

    As vector databases become foundational to AI applications, this reinforces the reality that models are not passive data. Loading untrusted models is equivalent to running untrusted code.

    Key findings:
    • Affected versions: 1.0.0–1.5.8
    • 73% of internet-exposed instances identified were running vulnerable versions
    • Exploitation requires only HTTP API access to the Python server

    We also outline mitigations organizations should implement immediately while awaiting a patch.

    Read the full research: https://lnkd.in/geaRtXZS

    #AISecurity #Cybersecurity #LLMSecurity #ThreatResearch #AI

  • A big congratulations to HiddenLayer CISO Malcolm Harkins on his induction into the CSO Hall of Fame at this year’s CSO Cybersecurity Awards & Conference in Nashville. A well-deserved recognition of his leadership and long-standing contributions to the cybersecurity industry.

    This week also brought thoughtful conversations around the realities of securing AI as adoption accelerates across industries. From planning for rapidly evolving AI risk, to the growing gap between AI trust and AI security, to how AI is reshaping both cyber defense and cyber threats, the discussions reflected just how quickly the landscape is changing.

    Congratulations to all of this year’s honorees, speakers, and attendees! Thank you, CSO Online, for pulling together such a great conference.

    #AISecurity #CISO #SecureAI #AIRisk #CSO #AITrust

  • Organizations focus on model weights, graphs, or code when evaluating AI supply chain risk. But what if the compromise lives somewhere far less obvious?

    Our latest research shows how tampering with a single vocabulary entry inside a tokenizer file can silently alter model outputs without modifying weights or architecture. Tokenizers control how models encode and decode every piece of information they process, and a compromised one can reroute requests, swap commands, and exfiltrate credentials across every downstream deployment, while remaining difficult to detect.

    In this blog, HiddenLayer researchers demonstrate:
    • Silent tool-call injection
    • URL rewriting and proxy interception
    • Command substitution attacks
    • Impact across SafeTensors, ONNX, and GGUF formats

    The weights can be clean. The graph can be clean. But the deployment can still be compromised.

    Read the full research: https://lnkd.in/gZvy8Gja

    #AISecurity #CyberSecurity #LLMSecurity #AgenticAI #SupplyChainSecurity #AIResearch

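The post above describes a single swapped vocabulary entry changing what a model decodes. The defensive counterpart is to pin and verify the tokenizer file alongside the weights. Below is an added example written for this page (not HiddenLayer's tooling): it fingerprints a tokenizer.json-style vocab, checks it against a pinned value, and reports exactly which token ids changed. The vocab and the tampered copy are constructed, not taken from any real model.

```python
"""Tokenizer vocab integrity check: example code added for this page, not HiddenLayer's."""
import hashlib
import json


def vocab_fingerprint(tokenizer: dict) -> str:
    """SHA-256 over the vocab in canonical (sorted, compact) JSON form, so a
    cosmetic re-serialisation keeps the hash but any token/id change breaks it."""
    vocab = tokenizer.get("model", {}).get("vocab", {})
    canon = json.dumps(vocab, sort_keys=True, separators=(",", ":"), ensure_ascii=False)
    return hashlib.sha256(canon.encode("utf-8")).hexdigest()


def diff_vocab(expected: dict, actual: dict) -> dict:
    """Compare two vocabs by token id: which ids now decode to a different
    string, which ids were added, which were removed. A swapped string on an
    existing id is the case that changes decoded output while weights stay clean."""
    exp_by_id = {i: t for t, i in expected["model"]["vocab"].items()}
    act_by_id = {i: t for t, i in actual["model"]["vocab"].items()}
    changed = {i: (exp_by_id[i], act_by_id[i])
               for i in exp_by_id if i in act_by_id and exp_by_id[i] != act_by_id[i]}
    added = {i: act_by_id[i] for i in act_by_id if i not in exp_by_id}
    removed = {i: exp_by_id[i] for i in exp_by_id if i not in act_by_id}
    return {"changed": changed, "added": added, "removed": removed}


def verify_tokenizer(tokenizer_text: str, pinned_fingerprint: str) -> bool:
    """Gate a deployment on the fingerprint recorded when the model was approved."""
    return vocab_fingerprint(json.loads(tokenizer_text)) == pinned_fingerprint


# Constructed, tiny vocab in tokenizer.json layout (not a real model's file).
KNOWN_GOOD = {"model": {"vocab": {
    "<s>": 0, "Ġsend": 1, "Ġto": 2, "Ġhttps": 3, "://": 4, "example.com": 5}}}

# Same file with a single entry swapped: when the model emits id 5, the decoded
# text now contains a different host even though the weights are untouched.
TAMPERED = json.loads(json.dumps(KNOWN_GOOD))
TAMPERED["model"]["vocab"].pop("example.com")
TAMPERED["model"]["vocab"]["other.invalid"] = 5

if __name__ == "__main__":
    pinned = vocab_fingerprint(KNOWN_GOOD)
    print("tampered file passes pin check:", verify_tokenizer(json.dumps(TAMPERED), pinned))
    print("diff:", diff_vocab(KNOWN_GOOD, TAMPERED))
```

The same fingerprint approach applies to merges and added-token tables, which the check above deliberately leaves out to stay short.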
  • Over the weekend, one AI security research story made its way across the cybersecurity world. What started as HiddenLayer research into a malicious Hugging Face model quickly expanded into conversations across:
    → Technical communities
    → Security practitioners
    → CISO-focused outlets
    → AI governance discussions
    → Broader enterprise security conversations

    Coverage from The Hacker News, BleepingComputer, CISO Series, WinBuzzer.com, Cyber Press ®, GB Hackers, and others signals something bigger than a single research story. Organizations are recognizing that AI infrastructure, models, and repositories require the same scrutiny we now apply to traditional software supply chains.

    The AI attack surface is evolving quickly, and the industry conversation is evolving with it.

    Read the comprehensive research here: https://lnkd.in/gxE-c5qF

    #AINews #AISecurity #SecureAI #HuggingFace #Malware #AIMedia

  • This week at the CSO Cybersecurity Awards & Conference in Nashville, HiddenLayer’s Malcolm Harkins will join industry leaders for several critical conversations focused on how to manage risk in an AI-driven world evolving faster than traditional security models were built to handle.

    His sessions will cover:
    • How CISOs can prepare for rapidly changing AI risk landscapes as systems increasingly influence their own evolution
    • Why trust in AI systems cannot rely on compliance or functionality alone, especially in healthcare, finance, and critical infrastructure
    • How AI is reshaping both cyber attacks and cyber defense, creating new opportunities for automation while introducing new operational and governance risks

    In addition to speaking at the event, Malcolm is also being recognized as a CSO Hall of Fame inductee, an honor reflecting his long-standing leadership and contributions to the cybersecurity industry.

    Register today: https://lnkd.in/ecdyYktg

    #AISecurity #AIGovernance #CISO #AITalk #SecureAI #ResponsibleAI

  • 🚨 Security Advisory Update: Malware in Trending Hugging Face Repositories 🚨

    Yesterday, we identified malicious code in the Open-OSS/privacy-filter repository, which had reached Hugging Face's top trending list with over 200k downloads in under 24 hours. The repository typosquats OpenAI's legitimate Privacy Filter release and ships a Python script that delivers a Rust-based infostealer to Windows machines via a multi-stage attack chain.

    We've since identified six additional repositories pushing very similar malware, indicating a coordinated campaign rather than an isolated incident. Infrastructure overlap also links this activity to a separate npm typosquat campaign distributing the WinOS 4.0 implant.

    The infostealer targets browser credentials and session cookies, cryptocurrency wallets, Discord tokens, FileZilla credentials, and other sensitive information. Hugging Face has removed the affected repositories.

    Our full advisory, including IOCs and recommended actions, can be found here: https://lnkd.in/gxE-c5qF

    Please reshare.

    #CyberSecurity #SupplyChainSecurity #AISecurity #InfoSec

  • 🚨 Security Advisory: Malware Found in Trending Hugging Face Repository 🚨

    Earlier this afternoon, we identified malicious code in the Hugging Face repository Open-OSS/privacy-filter, which is currently among the platform's top trending repositories, with over 200k downloads in the past day. The repository typosquats OpenAI's legitimate Privacy Filter release, copies its model card nearly verbatim, and ships a loader[.]py file that fetches and executes infostealer malware on Windows machines.

    If anyone on your team cloned Open-OSS/privacy-filter (NOT openai/privacy-filter) and ran start.bat or python loader[.]py on Windows systems, treat the host as compromised: rotate credentials, move wallets, scan endpoints, and check for further signs of compromise.

    Advisory and updates: https://lnkd.in/gE77JKe8

    #AISecurity #HuggingFace #AIBreach #AIVulnerability

  • We’re proud to share that HiddenLayer has been named a Bronze Winner in the Globee Awards for Artificial Intelligence. This recognition reflects the work our team is doing to tackle one of the most important challenges in AI today: security.

    The Globee Awards are judged by industry experts, and this distinction highlights meaningful progress in advancing AI security, something we believe is foundational to safe and scalable AI adoption. We are proud of our team driving this forward every day, and the customers and partners who trust us to secure their AI.

    #AIAward #AISecurity #SecureAI #AIInnovation #LLMSecurity #AgenticAI
