April 24, 2025
By Conor McCauley, Kenneth Yeung, Jason Martin, Kasimir Schulz
April 10, 2025
By Kasimir Schulz, Jason Martin, Marcus Kan, Kenneth Yeung, Conor McCauley, Leo Ring
January 30, 2025
By Jason Martin, Kevin Stangl, Kenneth Yeung, Megan David, Ryan Tracey, Kieran Evans, Tom Bonner, Travis Smith, Jack Parker
October 10, 2024
By Eoin Wickens, Kasimir Schulz, Tom Bonner
May 20, 2025
Summary As AI rapidly transforms business operations across industries, it brings unprecedented security vulnerabilities that existing tools simply weren’t designed to address. This article reveals the hidden dangers lurking within AI systems, where attackers leverage runtime vulnerabilities to exploit model weaknesses, and introduces a comprehensive security framework that protects the entire AI lifecycle. Through the […]
May 15, 2025
Summary HiddenLayer’s research team has uncovered a concerningly simple way of extracting sensitive data using MCP tools. Inserting specific parameter names into a tool’s function causes the client to provide corresponding sensitive information in its response when that tool is called. This occurs regardless of whether or not the inserted parameter is actually used by […]
In this webinar, hear from industry experts on attacking artificial intelligence systems. Join Chloé Messdaghi, Travis Smith, Christina Liaghati, and John Dwyer as they discuss the core concepts of AI Red Teaming, why organizations should be doing this, and how you can get started with your own red teaming activities. Whether you’re new to security for AI or an experienced legend, this introduction provides insights into the cutting-edge techniques reshaping the security landscape.
CyberBytes: The Podcast
“Chris Sestito, CEO and Co-founder of AI security vendor, HiddenLayer, joined Oliver Legg for a re-run following our episode at last year’s BlackHat. Why? Because HiddenLayer have gone from strength to strength. Winning the 2023 RSA Sandbox, a major Microsoft announcement and being named the ML Security Leader by CB Insights have all aided with CISO’s permission to buy and helped land major enterprise wins this past year.
Tito and Olly discussed:
• Life after winning the 2023 RSA Sandbox and what that achievement really means
• How they’ve managed to keep a highly diverse team whilst surpassing the 100 employee count
• How, despite the major wins and headlines, it’s never all plain sailing
Being able to dive into a founder’s journey twice through such significant periods of growth is great fun.”
Download your copy of HiddenLayer's 2025 AI Threat Landscape Report to learn more about evolving AI vulnerabilities and how securing AI can fuel your organization's innovation
AI Threat Landscape Report 2025An attacker can craft a malicious model containing a path traversal and share it with a victim. If the victim uses an Nvidia NeMo version prior to r2.0.0rc0 and loads the malicious model, arbitrary files may be written to disk. This can result in code execution and data tampering.
An attacker can create a pickle file containing arbitrary code and upload it as an artifact to a Project via the API. When a victim user calls the get method within the Artifact class to download and load a file into memory, the pickle file is deserialized on their system, running any arbitrary code it contains.
An attacker can upload or modify a dataset containing a link pointing to an arbitrary file and a target file path. When a user interacts with this dataset, such as when using the Dataset.squash method, the file is written to the target path on the user’s system.
An attacker can, due to lack of authentication, arbitrarily upload, delete, modify, or download files on the fileserver, even if the files belong to another user.
An attacker can craft a malicious web page that triggers a CSRF when visited. When a user browses to the malicious web page a request is sent which can allow an attacker to fully compromise a user’s account.
November 20, 2024
Austin, TX — November 20, 2024 — HiddenLayer, a leader in security for AI solutions, today announced the launch of its Automated Red Teaming solution for artificial intelligence, a transformative tool that enables security teams to rapidly and thoroughly assess generative AI system vulnerabilities. The addition of this new product extends HiddenLayer’s AISec platform capabilities […]
October 30, 2024
Austin, TX – October 30, 2024 – HiddenLayer, a leader in security for AI solutions, is honored to be recognized as a Cool Vendor for AI Security in Gartner’s 2024 report. This prestigious distinction highlights HiddenLayer’s innovative approaches to safeguarding artificial intelligence models, data, and workflows against a rapidly evolving threat landscape. HiddenLayer’s proactive solutions […]
October 9, 2024
Austin, TX – October 8, 2024 – HiddenLayer today announced the launch of several new features to its AISec Platform and Model Scanner, designed to enhance risk detection, scalability, and operational control for enterprises deploying AI at scale. As the pace of AI adoption accelerates, so do the threats targeting these systems, necessitating security measures […]
What you’ll get:
Research: Stay informed about the evolving AI threat landscape, emerging risks, and new vulnerabilities.
Insights: Gain in-depth security for AI education and master the skills to effectively protect your AI systems.
Guides: Access expert analysis, actionable how-to’s, and innovative strategies to accelerate your AI adoption.
HiddenLayer, a Gartner recognized Cool Vendor for AI Security, is the leading provider of Security for AI. Its security platform helps enterprises safeguard the machine learning models behind their most important products. HiddenLayer is the only company to offer turnkey security for AI that does not add unnecessary complexity to models and does not require access to raw data and algorithms. Founded by a team with deep roots in security and ML, HiddenLayer aims to protect enterprise’s AI from inference, bypass, extraction attacks, and model theft. The company is backed by a group of strategic investors, including M12, Microsoft’s Venture Fund, Moore Strategic Ventures, Booz Allen Ventures, IBM Ventures, and Capital One Ventures.
