
Search Results: AISupplyChain

LeftoverLocals: Critical GPU Flaw Shatters Isolation Illusion in AI Frameworks

A newly disclosed vulnerability, 'LeftoverLocals,' exploits residual data left in GPU local memory to read AI model outputs and other sensitive data across process boundaries. Affecting GPUs from major vendors such as AMD, Apple, and Qualcomm, the flaw impacts popular frameworks including PyTorch and TensorFlow, exposing critical gaps in multi-tenant cloud and edge computing security. This hardware-level weakness forces a fundamental rethink of GPU isolation guarantees.

Unmasking MCP: How Tool Description Injection Threatens AI Security

Security flaws in the Model Context Protocol (MCP)—including tool description injection and lax authentication—could enable attackers to manipulate AI systems undetected. This analysis reveals how these vulnerabilities bypass traditional defenses and why the AI industry must prioritize security before widespread adoption leads to disaster.