The popular AI development company Ultralytics experienced a significant security breach when threat actors compromised its YOLO11 model to deploy cryptocurrency mining malware through the Python Package Index (PyPI).
The incident overview: Ultralytics’ YOLO (You Only Look Once) AI model, a widely-used open-source computer vision system for real-time object detection, was targeted in a supply chain attack affecting versions 8.3.41 and 8.3.42.
- The compromised software has been downloaded over 260,000 times in the past 24 hours from PyPI alone
- The project maintains significant popularity in the developer community, with 33,600 GitHub stars and 6,500 forks
- The attack impacted multiple downstream projects, including SwarmUI and ComfyUI, as Ultralytics is a dependency for these applications
Technical details of the breach: The malicious code was designed to secretly install and operate cryptocurrency mining software on affected systems.
- The compromise resulted in the installation of an XMRig Miner in the ‘/tmp/ultralytics_runner’ directory
- The mining software connected to a suspicious mining pool at “connect.consrensys[.]com:8080”
- Google Colab users who installed the compromised versions had their accounts banned for “abusive activity”
Response and remediation: Ultralytics has taken immediate action to address the security incident and protect its users.
- The company quickly pulled the compromised versions from PyPI
- A clean version 8.3.43 was released as a replacement
- The development team is conducting a comprehensive security audit
- Additional safeguards are being implemented to prevent future incidents
Investigation findings: Initial analysis points to a sophisticated attack vector targeting the build environment.
- The compromise appears to stem from two malicious pull requests with code injection in the branch names
- The suspicious pull requests originated from a user in Hong Kong
- The full extent of the compromise, including whether user data was affected, remains under investigation
Looking ahead: The incident highlights the growing sophistication of supply chain attacks targeting AI development tools, raising concerns about the security of open-source AI infrastructure and the need for enhanced verification processes in software distribution channels.
Recent Stories
DOE fusion roadmap targets 2030s commercial deployment as AI drives $9B investment
The Department of Energy has released a new roadmap targeting commercial-scale fusion power deployment by the mid-2030s, though the plan lacks specific funding commitments and relies on scientific breakthroughs that have eluded researchers for decades. The strategy emphasizes public-private partnerships and positions AI as both a research tool and motivation for developing fusion energy to meet data centers' growing electricity demands. The big picture: The DOE's roadmap aims to "deliver the public infrastructure that supports the fusion private sector scale up in the 2030s," but acknowledges it cannot commit to specific funding levels and remains subject to Congressional appropriations. Why...
Oct 17, 2025Tying it all together: Credo’s purple cables power the $4B AI data center boom
Credo, a Silicon Valley semiconductor company specializing in data center cables and chips, has seen its stock price more than double this year to $143.61, following a 245% surge in 2024. The company's signature purple cables, which cost between $300-$500 each, have become essential infrastructure for AI data centers, positioning Credo to capitalize on the trillion-dollar AI infrastructure expansion as hyperscalers like Amazon, Microsoft, and Elon Musk's xAI rapidly build out massive computing facilities. What you should know: Credo's active electrical cables (AECs) are becoming indispensable for connecting the massive GPU clusters required for AI training and inference. The company...
Oct 17, 2025Vatican launches Latin American AI network for human development
The Vatican hosted a two-day conference bringing together 50 global experts to explore how artificial intelligence can advance peace, social justice, and human development. The event launched the Latin American AI Network for Integral Human Development and established principles for ethical AI governance that prioritize human dignity over technological advancement. What you should know: The Pontifical Academy of Social Sciences, the Vatican's research body for social issues, organized the "Digital Rerum Novarum" conference on October 16-17, combining academic research with practical AI applications. Participants included leading experts from MIT, Microsoft, Columbia University, the UN, and major European institutions. The conference...