all InfoSec news
Assessing the security posture of a widely used vision model: YOLOv7
Malware Analysis, News and Indicators - Latest topics malware.news
By Alvin Crighton, Anusha Ghosh, Suha Hussain, Heidy Khlaaf, and Jim Miller
TL;DR: We identified 11 security vulnerabilities in YOLOv7, a popular computer vision framework, that could enable attacks including remote code execution (RCE), denial of service, and model differentials (where an attacker can trigger a model to perform differently in different contexts).
Open-source software provides the foundation of many widely used ML systems. However, these frameworks have been developed rapidly, often at the cost of secure and robust practices. …
attacker attacks code code execution computer computer vision denial of service enable framework miller popular posture rce remote code remote code execution security security posture service trigger vulnerabilities