The world's largest open source AI community Hugging Face(note: commonly referred to as "Huggy Face") reported a security breach on May 31, when its team detected unauthorized access to its Spaces platform that couldCauses some user keys to be compromised.
Hugging Face is one of the world's largest collaborative platforms for AI and data science projects, with over one million models, datasets, and AI-powered applications.
In a statement, a Hugging Face spokesperson said, "We've seen a significant increase in the number of cyberattacks over the past few months, likely due to the fact that we've seen a significant increase in usage and artificial intelligence is becoming mainstream.It's technically hard to know how many Spaces secrets have been compromised.. "
Hugging Face has revoked the affected HF tokens and is advising users to refresh their keys or tokens and switch to more secure fine-grained access tokens.
Hugging Face has also implemented other security measures, including the removal of organizational tokens (to improve traceability and auditability), the implementation of key management services, and the enhancement of the ability to identify and nullify compromised tokens, and plans to abandon "classic" read and write tokens altogether in the near future. classic" read and write tokens) in the near future.