Supply chain attack compromises Ultralytics AI model

BleepingComputer reports that widely known artificial intelligence model Ultralytics YOLO11, which features a sophisticated object detection model, had its latest versions laced with cryptocurrency mining malware following a supply chain attack.

With the installation of Ultralytics 8.3.41 and 8.3.42 made available on the Python Package Index repository on Thursday reported by users to have resulted in the deployment of the XMRig cryptominer, Ultralytics has immediately moved to remove the compromised versions and publish a newer 8.3.43 iteration. However, threat actors have proceeded with the attacks under versions 8.3.45 and 8.3.46 of the AI model. "Our team is conducting a full security audit and implementing additional safeguards to prevent similar incidents," said Ultralytics founder and CEO Glenn Jocher, who noted that a pair of Hong Kong-based malicious PRs with code injection had been leveraged to facilitate the compromise. However, further investigation is still needed to determine the success of attackers' cryptomining or user data exfiltration operations.