The breach is believed to have originated from two malicious pull requests with code injection submitted by a user in Hong Kong. The full extent of the compromise, including whether it involved data breaches, is still under investigation. Ultralytics founder Glenn Jocher confirmed the issue and assured users that additional safeguards are being implemented. Users who downloaded the affected versions are advised to perform a full system scan. The community is awaiting a formal advisory for further details, and BleepingComputer has reached out to Ultralytics for more information.
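One check a reader can run against their own dependency files, added here as an example and not code from Ultralytics or the original article: it flags exact pins to the two PyPI versions this page names as compromised (8.3.41 and 8.3.42) and reports whether the installed copy is one of them. The sample requirements text and the function names are constructed for illustration.

```python
import re
from importlib import metadata

# Versions the page names as compromised; 8.3.43 is the clean release.
PACKAGE = "ultralytics"
AFFECTED = {"8.3.41", "8.3.42"}

# Exact pins as written by `pip freeze` and lock files:
# name, optional [extras], then == or === and a version.
PIN_RE = re.compile(
    r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)\s*(?:\[[^\]]*\])?\s*={2,3}\s*([^\s;#\\]+)"
)

def normalize(name):
    """PEP 503 name normalization, so 'Ultralytics' matches 'ultralytics'."""
    return re.sub(r"[-_.]+", "-", name).lower()

def find_affected_pins(text):
    """Return (line_number, line) for every exact pin to an affected version."""
    hits = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.split(" #", 1)[0]  # drop trailing comments
        m = PIN_RE.match(line)        # commented-out lines never match
        if m and normalize(m.group(1)) == PACKAGE and m.group(2) in AFFECTED:
            hits.append((lineno, raw.strip()))
    return hits

def installed_is_affected():
    """True or False for the current environment, None if not installed."""
    try:
        return metadata.version(PACKAGE) in AFFECTED
    except metadata.PackageNotFoundError:
        return None

# Constructed sample input, not taken from any real project.
SAMPLE = """\
# requirements.txt (constructed)
numpy==1.26.4
Ultralytics==8.3.41
ultralytics[export]==8.3.42 ; python_version >= "3.9"
ultralytics==8.3.43
ultralytics>=8.3.0
# ultralytics==8.3.42
"""

if __name__ == "__main__":
    for lineno, line in find_affected_pins(SAMPLE):
        print(f"line {lineno}: {line}")
    print("installed copy affected:", installed_is_affected())
```

A range specifier such as `ultralytics>=8.3.0` is not flagged because it does not say which version was actually installed; the installed-version check or a lock file answers that.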
Key takeaways:
- The Ultralytics YOLO11 AI model was compromised in a supply chain attack, deploying cryptominers on devices running versions 8.3.41 and 8.3.42 from PyPI.
- Compromised versions led to Google Colab accounts being flagged and banned due to "abusive activity" and affected dependencies like SwarmUI and ComfyUI.
- Ultralytics founder Glenn Jocher confirmed the issue, removed the compromised versions, and released a clean 8.3.43 version while conducting a full security audit.
- The breach appears to have originated from two malicious PRs with code injection, and the community is awaiting a formal advisory for further details.