#hugging-face — Public Fediverse posts

#Infostealer auf KI-Plattform #HuggingFace tarnt sich als OpenAI-Repository | Developer https://www.heise.de/news/Infostealer-auf-KI-Plattform-Hugging-Face-tarnt-sich-als-OpenAI-Repository-11290607.html #Typosquatting #ArtificialIntelligence #AI

Cactus Compute、軽量AIモデル「Needle」公開　スマホ向けエージェント市場を照準 https://www.yayafa.com/2800234/ #AgenticAi #AI #AIエージェント #ArtificialGeneralIntelligence #ArtificialIntelligence #DeepMind #Gemini #Gemini31FlashLite #GitHub #Google #GoogleAI #GoogleDeepMind #GoogleGemini #HuggingFace #MITライセンス #エージェント型AI #オンデバイスAI #スマートフォン #人工知能 #汎用人工知能

Auf der #KI-Plattform #HuggingFace wurde ein Repository mit einem Infostealer entdeckt, der als OpenAI-Repository getarnt war. Es wurde über 240.000 Mal heruntergeladen und enthielt Schadcode, der auf Windows-Systemen Daten stiehlt und heimlich läuft. Das gefälschte Repo ist inzwischen entfernt worden. https://www.heise.de/news/Infostealer-auf-KI-Plattform-Hugging-Face-tarnt-sich-als-OpenAI-Repository-11290607.html?seite=all

🛠️ Materialien online: Lokale #LLMs in den Geisteswissenschaften

Wie lassen sich lokale Sprachmodelle sinnvoll für #Forschungsdaten nutzen?

Die Begleitmaterialien (Code, Übungen, Beispiele) des Bring-your-own-data-Labs am @ieg_mainz sind frei auf #GitHub verfügbar!

Themen:
 🔹 API-Nutzung via #HuggingFace
 🔹 Prompting, Benchmarking, Fine-Tuning

Ideal für alle, die #KI in ihre #DH-Workflows integrieren möchten.
🔗 https://hermes-hub.de/aktuelles/events/byodl-llms-fuer-geisteswissenschaften-2026-03-19.html
#DigitalHumanities #HERMES #DataScience

Poisoning the well: AI supply chain attacks on Hugging Face and OpenClaw

Pulse ID: 6a02ae594d521771be4fe837
Pulse Link: https://otx.alienvault.com/pulse/6a02ae594d521771be4fe837
Pulse Author: Tr1sa111
Created: 2026-05-12 04:36:41

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #HuggingFace #InfoSec #OTX #OpenThreatExchange #SupplyChain #bot #Tr1sa111

@Jeehut
100% agree!

I noticed that #llamacpp in a recent build has defaulted to using the native #huggingface paths. I hope #LMStudio and others switch as well. It’s pretty annoying to have models scattered in different directories. I’ve accidentally downloaded the same model switching between LLM servers.

Poisoning the well: AI supply chain attacks on Hugging Face and OpenClaw

Threat actors are actively exploiting AI distribution platforms like Hugging Face and ClawHub to deliver malware by embedding malicious code within models, datasets, and agent extensions. Over 575 malicious skills across 13 developer accounts were identified in the OpenClaw ecosystem, targeting Windows and macOS with trojans, cryptominers, and AMOS stealer. Attackers abuse trust relationships between users and AI platforms through indirect prompt injection, where hidden instructions cause AI agents to execute malicious actions on behalf of users. Trojanized skills masquerade as legitimate tools while instructing users to execute encoded commands or install hidden malicious dependencies. On Hugging Face, repositories host payloads within multistep infection chains disguised as legitimate applications. These campaigns employ social engineering, obfuscation, encryption, in-memory execution, process injection, and persistence techniques to evade detection while establishing covert command-and-control communica...

Pulse ID: 6a01c2363e7f67fcbed473cb
Pulse Link: https://otx.alienvault.com/pulse/6a01c2363e7f67fcbed473cb
Pulse Author: AlienVault
Created: 2026-05-11 11:49:10

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#AMOS #CryptoMiner #CyberSecurity #Encryption #HuggingFace #InfoSec #Mac #MacOS #Malware #OTX #OpenThreatExchange #Rust #SocialEngineering #SupplyChain #Trojan #Windows #bot #AlienVault

Poisoning the well: AI supply chain attacks on Hugging Face and OpenClaw

Pulse ID: 6a01c1248bf3199e640f8bb9
Pulse Link: https://otx.alienvault.com/pulse/6a01c1248bf3199e640f8bb9
Pulse Author: CyberHunter_NL
Created: 2026-05-11 11:44:36

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #HuggingFace #InfoSec #OTX #OpenThreatExchange #SupplyChain #bot #CyberHunter_NL

https://winbuzzer.com/2026/05/11/fake-openai-repository-on-hugging-face-pushes-info-xcxwbn/

A fake Hugging Face repository copied OpenAI's Privacy Filter branding and delivered infostealer malware to Windows users.

#AI #AIModels #HuggingFace #OpenAI #Infostealer #Cybersecurity #Malware #Cybercrime #OpenSourceAI

Fake #OpenAI repository on #HuggingFace pushes #infostealer #malware

https://www.bleepingcomputer.com/news/security/fake-openai-repository-on-hugging-face-pushes-infostealer-malware/

#ChatGPT #AI #cybersecurity

RT @TheHackersNews: TRANSLASSATION: ⚠️ Angreifer haben Hugging Face & ClawHub (OpenClaw) mit 575+ bösartigen Skills von nur 13 Konten vergiftet.

mehr auf Arint.info

#AI #Cybersecurity #HuggingFace #Malware #OpenClaw #Phishing #arint_info

https://x.com/TheHackersNews/status/2052646258280432027#m

Fake #OpenAI #repository on #Hugging #Face pushes #infostealer #malware A #malicious #HuggingFace repository that reached the platform’s trending list impersonated OpenAI’s “Privacy Filter” project to deliver information-stealing malware to Windows users.

The repository briefly reached #1 on Hugging Face and accumulated 244,000 downloads before the platform responded to reports and removed it.
#computersecurity #security