CSO Online

Google’s Vertex AI SDK could allow RCE through bucket squatting

Google reportedly patched a flaw in the Vertex AI SDK for Python that could allow attackers to hijack model uploads and ...
The Hacker News

Google Vertex AI SDK Flaw Let Attackers Hijack Model Uploads via Bucket Squatting

Google fixed a Vertex AI SDK flaw in v1.148.0 after Unit 42 showed bucket squatting could enable model hijacking and code ...
SDxCentral

Google Vertex agentic flaw latest chink in hyperscale AI armor

Customer data and Google's internal code are at risk from exposure due to “double agents" operating within Google’s Vertex AI platform. Research from Palo Alto Networks' Unit 42 claimed broad default ...