huntr

Great news, huntrs... 🐰 We're excited to introduce Gradual, our new community space made just for YOU! Connect with other huntrs, check out our latest blog posts, watch must-see videos, and join virtual events that'll level up your AI/ML bug bounty hunting skills. If you have a huntr account, you’re already set up with SSO. Have questions? Just PM our team – we're here to help. Ready to level up? Sign up at https://bit.ly/3VSoNrX #huntr #bugbounty #aisecurity #gradual

Huntrs, we’ve just added 10 new AI/ML repos to huntr, with bounties reaching up to $1,500! 💰 From Pyro to Apache Spark and MMDetection, there's something for everyone in this new batch. 🔗 Check out the new targets: https://hubs.ly/Q02PS-7h0 #bugbounty #aisecurity #huntr

If you’ve got web or API security skills, transitioning into the AI/ML bug bounty space is easier than you think. 👇 Vulnerabilities like Remote Code Execution and Path Traversal don’t stop at traditional apps—they’re present in ML platforms like MLflow, Airflow, and H2O-3. Annnndddd that’s where we come in. 🐰👋 Our beginner’s guide is built to help you bring your existing skills into the AI/ML bug bounty game. Whether you’re already plugged into the MLSecOps Community or following Protect AI's latest vulnerability reports, we’ve got you covered. 🔗 https://hubs.ly/Q02PKBHW0 #aisecurity #mlsecops #huntr #websecurity #bugbounty

AI/ML bug hunting isn’t just about finding weaknesses, it’s about understanding how these systems are defended at every stage. That's why we're so stoked to share the MLSecOps Foundations Certification course by Protect AI, as it breaks down AI attack vectors, threat modeling, and securing the full AI lifecycle. Knowing the defenses gives you an edge when looking for vulnerabilities others miss. Level up your skills with insights that go beyond just finding bugs >> https://hubs.ly/Q02Pb9yc0 A big shoutout to Charlie McCarthy, Diana Kelley, and the MLSecOps Community for this awesome course! #mlsecops #aisecurity

Looking to get into AI/ML bug bounty hunting? Leverage what you already know and start from there. 👇 Familiar with web security? The same vulnerabilities apply, just dressed up in ML systems. Comfortable with code reviews? It’s still about finding those weak spots—the subtle patterns and misconfigurations that can compromise the system. Trust us, it's not as daunting as you think. And to help, we even put together a comprehensive beginners guide to get you started. 🐰 Time to start hunting 🏹: https://hubs.ly/Q02P8YL30 #bugbounty #mlsecurity #huntr

Ever tried developing Metasploit modules in Python and hit roadblocks? We’ve been there. That's why our very own, Marcello S., created a guide that cuts through the confusion and gets you coding faster. 🔥 And the best part? We’ve got a ready-to-use template that sets up your development environment automatically, so you can focus on writing powerful exploits instead of troubleshooting. If Python’s your go-to, this guide is your new best friend. 🔗 https://bit.ly/3z4WIWO Happy hunting! 🏹 #python #metasploit #threatresearch #bugbounty

One of our favorite gems from earlier this year— the threat research team at Protect AI highlighted how AI/ML supply chains can be vulnerable to namesquatting on platforms like Hugging Face. For instance, a fake mobilenet model was found exfiltrating environment variables. 😳 If you’re in the MLSecOps Community or a huntr looking to sharpen your skills, this is a must-read. 🔗 https://bit.ly/3XfvTHs #aisecurity #mlsecops #bugbounty

Fresh from the chaos of Black Hat Las Vegas, the latest episode of Between Two Vulns is here! 🔥 In this episode, Dan McInerney and Marcello S. dig into Protect AI's August Vulnerability Report with their usual blend of sharp insights and dry humor (our favorite). We’re talking about a data exposure flaw in mintplex-labs/anything-llm that puts sensitive info like passwords and API keys at risk, an API in lightning-ai/pytorch-lightning that lets you write files where you shouldn’t, and more. 👏 Big shoutout to our huntrs for uncovering these critical AI/ML vulnerabilities. You can read the full report here: https://hubs.ly/Q02N6sPf0 🎥 Watch the entire Between Two Vulns episode here: https://hubs.ly/Q02N6tw40

We're excited to share with you our latest huntr spotlight... 🥁 Say hello to hai nguyen (aka hainguyen0207)! 👋 Nguyen has been making waves in the huntr community. From uncovering a path traversal vulnerability in LOLLMS to using his bug bounty skills to land a job, his journey is one worth diving into. Check out his full story here: https://hubs.ly/Q02MY6RR0 #huntrspotlight #huntr #bugbounty #communityrecognition #aisecurity

Have you heard? We’ve just added Microsoft’s DeepSpeed to huntr. 👀 DeepSpeed is all about making distributed training and inference easy, efficient, and effective—perfect for handling large-scale AI/ML models. If you’re diving into this repo, you’ll be dealing with a solid optimization suite that could reveal some interesting vulnerabilities. We can’t wait to see what you'll uncover! Check out the new repo and start hunting. 🏹 https://hubs.ly/Q02MyN300 #aisecurity #deepspeed #bugbounty #huntr