Eresus research, advisory, and security news
We collect writing, advisories, and current-event analysis around AI security, the MCP ecosystem, application security, and real attack chaining here.
Latest Posts
Keras Model Custom Layer Detected at Model Run Time
Highlights Keras deployments that dynamically compile complex custom layers operating entirely outside strict deserialization bounds. Poses...
GGUF Model Template Containing Arbitrary Code Execution Detected
GGUF formats using raw Jinja templates without sandboxing are susceptible to arbitrary code execution attacks. Always use isolated environments for...
Transitive Model Threat Detected with Unsafe Model Dependency
Highlights critical, interconnected runtime threats from unsafe Artificial Intelligence components imported during ML...
Transitive Model Threat Detected with A Suspicious Model Dependency
Discover why transitive model threats and suspicious artificial intelligence dependencies put your AI supply chain at risk. Learn how Eresus Sentinel...
TensorFlow SavedModel Contains Suspicious Operator Execution at Model Run Time
Highlights execution parameters inside TensorFlow evaluations that avoid explicit malware categorization yet successfully perform extremely...
TensorFlow SavedModel Contains Unsafe Operator Execution at Model Run Time
Critical execution vulnerability identifying unsafe logical operators that execute natively during standard TensorFlow prediction...
TensorFlow SavedModel Execution Environment Extrapolation (RCE)
A runtime execution vulnerability capitalizing on structural logic inherent to the standardized TensorFlow SavedModel infrastructure, permitting...
TorchScript Model Arbitrary Code Execution Suspected at Model Load Time
Highlights suspicious computational graph behavior directly indicative of load-time remote code execution attempts within AI infrastructure...
PyTorch Model Arbitrary Code Execution Suspected at Model Load Time
PyTorch serialized objects detected with high-risk structural manipulation pointing towards concealed runtime commands.