Hugging Face
Models
Datasets
Spaces
Buckets
new
Docs
Enterprise
Pricing
Website
Tasks
HuggingChat
Collections
Languages
Organizations
Community
Blog
Posts
Daily Papers
Hardware
Learn
Discord
Forum
GitHub
Solutions
Team & Enterprise
Hugging Face PRO
Enterprise Support
Inference Providers
Inference Endpoints
Storage Buckets
Log In
Sign Up
🔄
In a Training Loop
Scott Thornton
PRO
scthornton
22
7
4
Follow
craycray13's profile picture
Quazim0t0's profile picture
cmadh's profile picture
22 followers
·
10 following
scthornton
scthornton
AI & ML interests
AI/ML Security
Recent Activity
replied
to
their
post
about 9 hours ago
SecureCode update: we went back and fact-checked our own security dataset and corrected what didn't hold up. The original claim was "complete incident grounding, every example ties to a documented CVE." An adversarial re-audit found that it was overstated: many CVEs were misattributed, and many "incidents" were representative scenarios carrying invented statistics. So we fixed it. - Grounding: re-verified every reference. Removed 802 misattributed CVEs on the web side, corrected or honestly relabeled the incident narratives, and confirmed the AI/ML conversation CVEs are real (EchoLeak CVE-2025-32711, EmailGPT CVE-2024-5184, and others). - Fix-correctness: reviewed whether each "secure" example actually eliminates the vulnerability. Removed 28 that did not (a "secure" secret scanner whose entropy check always returned zero, an Angular example still using bypassSecurityTrustHtml, and more). - Leakage: re-split so near-duplicates stay on one side. Test contamination went from 11.6% to zero. - Viewer, schema, and metadata: rebuilt as parquet under a shared schema. All three viewers are live. - Models: retrained the whole family on the corrected data so the fix reaches the weights, not just the cards. Now ten open models (3B to 26B), including two new Gemma 4 variants, refreshed locally on a DGX Spark GB10. The paper (arXiv:2512.18542) was revised to match. Counts moved from 2,185 to 2,372 unified (web 1,625 + AI/ML 747). A slightly smaller, fully-checked dataset beats a larger one you have to take on faith. Full writeup and links in the article. Datasets: scthornton/securecode, scthornton/securecode-web, scthornton/securecode-aiml
posted
an
update
about 9 hours ago
SecureCode update: we went back and fact-checked our own security dataset and corrected what didn't hold up. The original claim was "complete incident grounding, every example ties to a documented CVE." An adversarial re-audit found that it was overstated: many CVEs were misattributed, and many "incidents" were representative scenarios carrying invented statistics. So we fixed it. - Grounding: re-verified every reference. Removed 802 misattributed CVEs on the web side, corrected or honestly relabeled the incident narratives, and confirmed the AI/ML conversation CVEs are real (EchoLeak CVE-2025-32711, EmailGPT CVE-2024-5184, and others). - Fix-correctness: reviewed whether each "secure" example actually eliminates the vulnerability. Removed 28 that did not (a "secure" secret scanner whose entropy check always returned zero, an Angular example still using bypassSecurityTrustHtml, and more). - Leakage: re-split so near-duplicates stay on one side. Test contamination went from 11.6% to zero. - Viewer, schema, and metadata: rebuilt as parquet under a shared schema. All three viewers are live. - Models: retrained the whole family on the corrected data so the fix reaches the weights, not just the cards. Now ten open models (3B to 26B), including two new Gemma 4 variants, refreshed locally on a DGX Spark GB10. The paper (arXiv:2512.18542) was revised to match. Counts moved from 2,185 to 2,372 unified (web 1,625 + AI/ML 747). A slightly smaller, fully-checked dataset beats a larger one you have to take on faith. Full writeup and links in the article. Datasets: scthornton/securecode, scthornton/securecode-web, scthornton/securecode-aiml
published
an
article
about 9 hours ago
We Fact-Checked Our Own Security Dataset. Here's What We Fixed.
View all activity
Organizations
scthornton
's models
16
Sort: Recently updated
scthornton/qwen2.5-coder-7b-securecode
Text Generation
•
Updated
about 9 hours ago
•
55
•
1
scthornton/deepseek-coder-6.7b-securecode
Text Generation
•
Updated
about 9 hours ago
•
54
•
1
scthornton/gemma-4-e4b-securecode
Text Generation
•
Updated
about 9 hours ago
•
34
scthornton/llama-3.2-3b-securecode
Text Generation
•
Updated
about 9 hours ago
•
46
scthornton/gemma4-26b-securecode
Text Generation
•
Updated
Apr 8
•
2
•
1
scthornton/chronos-t5-small-poisoned-demo
Time Series Forecasting
•
46.2M
•
Updated
Mar 27
•
35
scthornton/bert-tiny-multi-attack-demo
Text Classification
•
Updated
Mar 27
•
8
scthornton/bert-tiny-poisoned-demo
Text Classification
•
Updated
Mar 27
scthornton/granite-20b-code-securecode
Text Generation
•
Updated
Mar 27
•
12
•
1
scthornton/starcoder2-15b-securecode
Text Generation
•
Updated
Mar 27
•
2
scthornton/qwen2.5-coder-14b-securecode
Text Generation
•
Updated
Feb 11
•
11
•
2
scthornton/codellama-13b-securecode
Text Generation
•
Updated
Feb 11
•
15
scthornton/codegemma-7b-securecode
Text Generation
•
Updated
Feb 11
•
5
scthornton/qwen-coder-7b-securecode
Text Generation
•
Updated
Jan 27
•
2
scthornton/securecode-v2
Updated
Dec 19, 2025
•
1
scthornton/chronos-benign-pickle-test
46.2M
•
Updated
Oct 29, 2025
•
2