Ultralytics YOLO11, an AI model for computer vision and object detection, was compromised in a supply chain attack and used to deploy malware.
The malicious versions of YOLO11 were uploaded to PyPI, a Python package repository, and users who updated to these versions ended up with a cryptocurrency miner called XMRig installed.
Ultralytics confirmed the attack and immediately removed the compromised versions from PyPI. They have released a new version and are conducting a full security audit.
There have been reports of even newer trojanized versions of YOLO11, indicating ongoing security concerns.