{"data":{"id":"82a55776-1ad7-4e80-a520-01769b37502c","title":"Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads","summary":"A fake repository on Hugging Face (a platform for sharing AI models) impersonated OpenAI's Privacy Filter model and tricked 244,000 users into downloading malware disguised as a legitimate tool. The malicious repository copied the real project's description verbatim and included a loader script that deployed an information stealer, a type of malware that harvests sensitive data like passwords, screenshots, and cryptocurrency wallet information from Windows machines.","solution":"Access to the malicious model has since been disabled by Hugging Face.","labels":["security"],"sourceUrl":"https://thehackernews.com/2026/05/fake-openai-privacy-filter-repo-hits-1.html","publishedAt":"2026-05-11T07:05:00.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"high","attackType":["supply_chain"],"issueType":"news","affectedPackages":null,"affectedVendors":["OpenAI","HuggingFace"],"affectedVendorsRaw":["OpenAI","HuggingFace","Discord"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-05-11T07:05:00.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}