❌

Reading view

Pickle in the Middle – Hijacking Vertex AI Model Uploads for Cross-Tenant RCE

Unit 42 discovered a Vertex AI Python SDK vulnerability that allows remote code execution via bucket squatting. Read the article for more.

The post Pickle in the Middle – Hijacking Vertex AI Model Uploads for Cross-Tenant RCE appeared first on Unit 42.

  •  

Trust No Skill: Integrity Verification for AI Agent Supply Chains

Protect enterprise AI agents from supply chain risks by auditing third-party skills for hidden vulnerabilities and multi-stage attack chains.

The post Trust No Skill: Integrity Verification for AI Agent Supply Chains appeared first on Unit 42.

  •  
  •  
❌