Great news, huntrs... We're excited to introduce Gradual, our new community space made just for YOU! Connect with other huntrs, check out our latest blog posts, watch must-see videos, and join virtual events that'll level up your AI/ML bug bounty hunting skills. If you have a huntr account, you’re already set up with SSO. Have questions? Just PM our team – we're here to help. Ready to level up? Sign up at https://bit.ly/3VSoNrX #huntr #bugbounty #aisecurity #gradual
About us
huntr provides a single place for security researchers to submit vulnerabilities, to ensure the security and stability of AI/ML applications, including those powered by open source software (OSS).
- Website
- https://huntr.com
- Industry
- Information Services
- Company size
- 2-10 employees
- Headquarters
- Seattle
- Type
- Privately Held
- Founded
- 2019
Locations
-
Primary
US, Seattle
Employees at huntr
-
Ahmed Hassan
Penetration Tester, Cyber Security Engineer & Public Speaker | 53x CVEs| CVE-2024-0181 | CVE-2023-0565 | OSCP | OSWA | CEH | eCPPT | eWAPT | eJPT |…
-
Izuchukwu OkosiemeIgbokwe
Audio Engineer/Post Production at Huntr Studios
-
Biswajit Paul
Researcher, Explorer And H4CK3R
-
Pavlos M.
Cofounder @huntr
Updates
-
Quick reminder for our bug bounty community: You can still earn up to $4K for vulnerabilities in model file formats such as TensorRT, GGUF, Joblib, Keras Native, ONNX, SafeTensors, and TensorFlow Saved Model on huntr! If you've been meaning to dive in, now’s the perfect moment: https://hubs.ly/Q03bZy3H0 #bugbounty #huntr #AISecurity #vulnerabilityresearch
-
Let’s talk Lambda layers. Our latest blog breaks down exactly how Keras Lambda layers in TensorFlow models can be exploited for arbitrary code execution. Dive straight into the details here: https://hubs.ly/Q03bZCmc0 We cover: A detailed technical walkthrough of the vulnerability. Steps for identifying similar weaknesses. Insightful tips to strengthen your PoCs on huntr. Bug bounty hunters, we’re paying up to $4k on select model file vulnerabilities on huntr. Show us your skills: https://hubs.ly/Q03bZtXp0
-
Yes, the rumors are true… We’re stepping it up—now offering up to $4K on select model file format repositories on huntr! Check them out and see what you think: https://hubs.ly/Q0392V2R0 #bugbounty #huntr #AISecurity #vulnerabilityresearch
-
Laugh at our blog image now—thank us later when your PoC lands a four-figure bounty. Check out our latest blog: https://hubs.ly/Q0393jx20 We’re dissecting a Model File Vulnerability (MFV) in PyTorch to show exactly how attackers can weaponize the pickle module for arbitrary code execution. Consider this your blueprint for building better PoCs, so you can spot these exploits early and cash in. Bug bounty hunters, if this example gives you ideas for new hunts, we’re paying bounties of up to $4,000. Show us what you can uncover: https://hubs.ly/Q0392ykR0 #bugbounty #modelfilevulnerabilities #bugbountyhunter #huntr
-
Feeling nostalgic for simpler times when the ‘AI apocalypse’ was just a lame sci-fi plot? Too bad. In the new Between Two Vulns, we break down how AI could replace entire dev teams (or maybe not), whether quantum chips will toast your GPU by 2027, and how Ethan’s model file vulnerability (MFV) bug bounty tips could help score you a sweet bounty. Check out the episode: https://hubs.ly/Q038J3Vn0 #huntr #bugbounty #AISecurity #hacking #VulnerabilityResearch
-
Our new model file vulnerability report breaks down how .hdf5 files can act as Trojan horses. Why does this matter? Because by placing a custom Python function inside a Keras Lambda layer, attackers can run OS commands the instant you load and run the model. Check out the PoC and technical details: https://hubs.ly/Q038fbr_0 If you can craft a similar exploit or uncover a new spin on model serialization, we want to see it. Earn up to $3,000: https://hubs.ly/Q038fkdk0 #modelfiles #bugbounty #modelsecurity #aisecurity #huntr
-
Even in 2025, pickle.load() remains a prime target. Our latest report shows how a .pkl file can execute arbitrary code the moment you load your model—thanks to a sneaky __reduce__ method. Think local file edits or a reverse shell, all hidden behind a “normal” deserialization. Check out the example model file vulnerability (MFV) report: https://hubs.ly/Q037Cdm10 If you’ve discovered a clever way to exploit serialized models, we’d love to see it. Share your MFV: https://hubs.ly/Q037CQ1Q0 #bugbounty #bugbountyhunter #pickle #huntr
-
Think torch.load() is just a handy PyTorch function? Think again. Check out this example report: https://hubs.ly/Q0379Wt-0 It demonstrates how a maliciously crafted pickle payload can trigger arbitrary code execution during model load. This isn’t just a Python quirk—it’s a real-world opening for attackers to run unauthorized code. Bug bounty hunters, if this example gives you ideas for new hunts, we’re paying bounties of up to $3,000. Show us what you can uncover: https://hubs.ly/Q0379Pd10 #modelfilevulnerabilities #bugbounty #bugbountyhunter #huntr
-
Exciting news for all our bug bounty hunters out there... NVIDIA TensorRT has joined huntr’s lineup of model file format repos, offering rewards up to $3k! https://hubs.ly/Q035NWg40 TensorRT is known for its low-latency, high-throughput inference on NVIDIA GPUs. Time to dive in and put your skills to the test. #modelfileformats #nvidia #bugbounty #bugbountyhunter #huntr