AI NEWS 24

Critical Vulnerability in Google Vertex AI SDK Allowed Cross-Tenant RCE

Importance: 92/100
3 Sources

Why It Matters

This vulnerability underscores significant supply chain risks in AI platforms and highlights the potential for severe data breaches or system compromise across cloud tenants if not properly secured. It emphasizes the critical need for continuous threat modeling and security validation in AI infrastructure.

Key Intelligence

  • Unit 42 discovered a critical deserialization vulnerability, dubbed "Pickle in the Middle," in the Google Vertex AI SDK.
  • This flaw enabled attackers to hijack legitimate model uploads and achieve cross-tenant Remote Code Execution (RCE) through a "bucket squatting" technique.
  • The vulnerability exploited insecure deserialization of Python `pickle` objects, allowing arbitrary code execution when a malicious model was loaded.
  • Google has since patched the vulnerability, reinforcing the need for robust security in AI/ML development and deployment pipelines.
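The flaw described above hinges on the loader executing whatever a `pickle` stream tells it to import and call. As an added defensive illustration (not code from Unit 42, Google, or the Vertex AI SDK), the block below shows the two checks a model-loading pipeline would want before trusting an artifact from a bucket it does not control: a static opcode scan that never executes the stream, and an unpickler that resolves only an explicit allowlist of globals. The sample pickles and the allowlist contents are constructed here and are assumptions.

```python
import io
import pickle
import pickletools
from collections import OrderedDict

# Opcodes that make the unpickler import a symbol or call a callable.
# A model artifact that is pure data (tensors, dicts, lists) never needs them.
CODE_OPCODES = frozenset({
    "GLOBAL", "STACK_GLOBAL", "REDUCE", "INST", "OBJ",
    "NEWOBJ", "NEWOBJ_EX", "BUILD",
})

def pickle_code_refs(blob):
    """Static pre-check: (opcode, arg) for every code-loading opcode.
    pickletools.genops only parses, so this is safe on untrusted input."""
    return [(op.name, arg) for op, arg, _ in pickletools.genops(blob)
            if op.name in CODE_OPCODES]

class RestrictedUnpickler(pickle.Unpickler):
    """Resolve only (module, name) pairs on an explicit allowlist.
    find_class is the single gate for GLOBAL/STACK_GLOBAL/INST/OBJ, so the
    allowlist must hold only symbols that are safe to call with any arguments."""
    def __init__(self, file, allowed):
        super().__init__(file)
        self.allowed = frozenset(allowed)

    def find_class(self, module, name):
        if (module, name) in self.allowed:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"blocked global {module}.{name}")

def load_untrusted_pickle(blob, allowed=()):
    """Return (ok, result). Refuse any code reference when no allowlist is
    given; otherwise deserialize under the allowlist and report what blocked."""
    refs = pickle_code_refs(blob)
    if refs and not allowed:
        return False, f"refused: {len(refs)} code-loading opcode(s), e.g. {refs[0]}"
    try:
        return True, RestrictedUnpickler(io.BytesIO(blob), allowed).load()
    except pickle.UnpicklingError as exc:
        return False, f"refused: {exc}"

# Constructed samples (assumption, not from the advisory). Protocol 2 so the
# GLOBAL opcode carries a readable "module name" argument in the scan output.
PLAIN_WEIGHTS = pickle.dumps({"layer1": [0.1, 0.2], "bias": [0.0]}, protocol=2)
WITH_GLOBAL = pickle.dumps(OrderedDict(layer1=[0.1, 0.2]), protocol=2)

if __name__ == "__main__":
    print(pickle_code_refs(PLAIN_WEIGHTS))
    print(pickle_code_refs(WITH_GLOBAL))
    print(load_untrusted_pickle(WITH_GLOBAL))
    print(load_untrusted_pickle(WITH_GLOBAL, allowed={("collections", "OrderedDict")}))
```

The scan catches any stream that imports or calls code, while the allowlisting unpickler is the fallback for artifacts that legitimately need a few known classes; neither substitutes for signing the artifact or moving to a data-only format.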