
New AI Attack Method Targets Google and Microsoft Through Hijacked Model Names

Researchers uncover 'Model Namespace Reuse' attacks exploiting AI supply chains, highlighting vulnerabilities in popular platforms like Google's and Microsoft's.
Content Team

Palo Alto Networks researchers discovered a dangerous new attack called 'Model Namespace Reuse' that exploits AI supply chains. Attackers register names of deleted or transferred AI models on platforms like Hugging Face, then upload malicious versions that developers unknowingly download.

The team successfully demonstrated attacks against Google's Vertex AI and Microsoft's Azure AI Foundry, gaining access to underlying infrastructure by deploying weaponized models. They also found thousands of vulnerable open source repositories.

Google now performs daily scans for orphaned models, but the core problem remains widespread. Security experts recommend pinning models to specific versions and storing them in trusted locations rather than fetching by name alone.
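The pinning advice in the paragraph above, as an added example that is not part of the SecurityWeek report or the Palo Alto Networks research: a small load-time policy that refuses model references fetched by name alone (or by a movable branch such as `main`), requires the reference to match a commit revision recorded in a manifest kept under the application's own control, and checks the downloaded artifact's SHA-256 against that manifest before anything is loaded. The `org/name@revision` reference syntax, the manifest layout, and all digests and commit ids are constructed for this example.

```python
"""Pinned-model policy check (added example; hypothetical reference syntax)."""
import hashlib
import re

# "org/name" optionally followed by "@<revision>". Only a full 40-hex git
# commit counts as a pin: a bare name or a branch/tag resolves to whatever the
# current owner of that namespace publishes, which is exactly the reuse risk.
_REF_RE = re.compile(
    r"^(?P<repo>[A-Za-z0-9_.-]+/[A-Za-z0-9_.-]+)(?:@(?P<rev>[A-Za-z0-9_./-]+))?$"
)
_COMMIT_RE = re.compile(r"^[0-9a-f]{40}$")

# Constructed artifact content and manifest. In practice the manifest lives in
# version control beside the application, and the files are served from an
# internal mirror rather than fetched from the public hub on every deploy.
_EXAMPLE_CONFIG = b'{"architectures": ["ExampleModel"]}'
PINNED_MANIFEST = {
    "example-org/example-model": {
        "revision": "0123456789abcdef0123456789abcdef01234567",  # constructed
        "files": {"config.json": hashlib.sha256(_EXAMPLE_CONFIG).hexdigest()},
    },
}


def classify_ref(ref: str) -> str:
    """Return 'pinned', 'unpinned' (name only or branch/tag) or 'malformed'."""
    m = _REF_RE.match(ref)
    if not m:
        return "malformed"
    rev = m.group("rev")
    if rev is None or not _COMMIT_RE.match(rev):
        return "unpinned"
    return "pinned"


def approve_load(ref: str, filename: str, data: bytes, manifest=PINNED_MANIFEST):
    """Decide whether a fetched artifact may be loaded. Returns (ok, reason)."""
    status = classify_ref(ref)
    if status != "pinned":
        return False, f"{ref!r} is {status}: fetch by pinned commit, not by name"
    repo, rev = ref.split("@", 1)
    entry = manifest.get(repo)
    if entry is None:
        return False, f"{repo!r} is not in the pinned manifest"
    if rev != entry["revision"]:
        return False, f"{repo!r}: revision {rev} is not the pinned {entry['revision']}"
    expected = entry["files"].get(filename)
    if expected is None:
        return False, f"{filename!r} has no pinned digest for {repo!r}"
    actual = hashlib.sha256(data).hexdigest()
    if actual != expected:
        return False, f"{filename!r}: digest {actual[:12]}... does not match pinned {expected[:12]}..."
    return True, "pinned revision and artifact digest match"


if __name__ == "__main__":
    good = "example-org/example-model@0123456789abcdef0123456789abcdef01234567"
    for ref, blob in [
        (good, _EXAMPLE_CONFIG),                      # expected: approved
        (good, _EXAMPLE_CONFIG + b"\n"),              # tampered artifact: rejected
        ("example-org/example-model", _EXAMPLE_CONFIG),       # name only: rejected
        ("example-org/example-model@main", _EXAMPLE_CONFIG),  # branch: rejected
    ]:
        ok, reason = approve_load(ref, "config.json", blob)
        print("ALLOW " if ok else "REJECT", reason)
```

The two checks are deliberately separate: the revision pin stops a re-registered namespace from serving a different model under the same name, and the digest check catches a mirror or cache that was tampered with after the pin was recorded. Rejecting `@main` as unpinned is the point most teams miss, since a branch reference looks pinned but is not.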

Source: Security Week
