{"data":{"id":"8aa9143f-c063-4ebf-8da3-fd5dda1c0d89","title":"Hugging Face, ClawHub Abused for Malware Distribution","summary":"Threat actors are abusing AI distribution platforms like Hugging Face and ClawHub to spread malware by uploading trojanized files (files containing hidden malicious code) that trick users into downloading them through social engineering. The attackers use indirect prompt injection (embedding hidden instructions in data that AI systems read and execute without the user knowing) to make AI agents automatically download and run malware on users' computers, with hundreds of malicious files identified across both platforms.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://www.securityweek.com/hugging-face-clawhub-abused-for-malware-distribution/","publishedAt":"2026-05-01T08:41:57.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"high","attackType":["supply_chain","prompt_injection","rag_poisoning"],"issueType":"news","affectedPackages":null,"affectedVendors":["HuggingFace"],"affectedVendorsRaw":["Hugging Face","ClawHub","OpenClaw"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-05-01T08:41:57.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","confidentiality","availability"],"aiComponentTargeted":"plugin","llmSpecific":false,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":null}}