{"data":{"id":"d0bdcb10-0436-411f-baac-a7363f735b0f","title":"Fake OpenAI repository on Hugging Face pushes infostealer malware","summary":"A fake OpenAI repository on Hugging Face (a platform where developers share AI models and code) disguised itself as a legitimate project and tricked users into downloading a malicious loader script that steals sensitive data like passwords, cryptocurrency wallets, and browser cookies. The fake repository reached the top of Hugging Face's trending list with 244,000 downloads before the platform removed it after researchers reported the threat.","solution":"Users who downloaded files from the malicious repository are advised to reimage the machine (completely reinstall the operating system), rotate all stored credentials, replace cryptocurrency wallets and seed phrases, and invalidate browser sessions and tokens.","labels":["security"],"sourceUrl":"https://www.bleepingcomputer.com/news/security/fake-openai-repository-on-hugging-face-pushes-infostealer-malware/","publishedAt":"2026-05-09T14:26:03.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"high","attackType":["supply_chain"],"issueType":"news","affectedPackages":null,"affectedVendors":["HuggingFace"],"affectedVendorsRaw":["OpenAI","HuggingFace","HiddenLayer"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-05-09T14:26:03.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}