Find notable cyber news and cases, enriched with sources, timelines, and signals.

Hugging Face shared-loader supply chain campaign

Campaign
First reported
Last updated
Happening score
H score 79
2 unique sources, 2 articles

Summary

Hide ▲

A Hugging Face repository cluster appears to be part of a broader supply chain campaign that used shared loaders to push a stealer through open-source model downloads. The operation impersonated OpenAI's Privacy Filter, reused similar Python loaders across six more repositories, and relied on deceptive packaging to reach users. That pattern matters because it turns trusted model hubs into malware delivery infrastructure for Windows users.

Related Happenings

OpenAI and Trail of Bits launch Patch the Planet open-source security program

Commercial Activity
H score1 First: 23.06.2026 06:56 Last: 23.06.2026 06:56 Sources 1

About this happening: OpenAI launched **Patch the Planet** with **Trail of Bits** to help secure **open-source projects**, expanding a cybersecurity-focused partnership program for maintainers and defe...

Openew[.]app cloaked malware download portal

Malware Activity
H score26 First: 29.05.2026 21:21 Last: 29.05.2026 21:21 Sources 1

About this happening: The **openew[.]app** malware-delivery activity now also uses **legitimate ChatGPT shared pages** as the first lure, with **Google ads** and **SEO poisoning** sending victims to a...

OpenAI hit by cyberattack

Incident
H score38 First: 14.05.2026 22:07 Last: 14.05.2026 22:07 Sources 1

About this happening: OpenAI confirmed **two employees' devices** were breached, giving attackers access to a limited set of internal source code repositories and forcing a precautionary rotation of **...

Open-OSS/privacy-filter Hugging Face infostealer activity

Malware Activity
H score69 First: 11.05.2026 10:05 Last: 11.05.2026 10:05 Sources 1

How related: The repository had typosquatted OpenAI's legitimate Privacy Filter release, copied its model card nearly verbatim, and shipped a loader.py file that fetches and executes infostealer malware on Windows machines,

About this happening: A malicious **Hugging Face repository** called **Open-OSS/privacy-filter** impersonated **OpenAI's Privacy Filter** and delivered a **Rust-based information stealer** to **Windows...

Sefirah infostealer delivered through a malicious Hugging Face repository

Malware Activity
H score16 First: 09.05.2026 17:26 Last: 09.05.2026 17:26 Sources 1

About this happening: A malicious **Hugging Face** repository impersonated **OpenAI’s Privacy Filter** and delivered **sefirah**, a **Rust-based infostealer**, to **Windows** users, creating credential...

Timeline

  1. 11.05.2026 10:05 2 articles · 1mo ago

    Malicious Hugging Face repository impersonates OpenAI Privacy Filter

    Initial Disclosure

    A malicious Hugging Face repository named Open-OSS/privacy-filter impersonated OpenAI's Privacy Filter open-weight model, copied its description and model card nearly verbatim, and used start.bat and loader.py to deliver a Rust-based information stealer to Windows users. HiddenLayer's analysis also ties the activity to shared infrastructure, notes that the malicious model was disabled after reaching #1 trending with about 244,000 downloads and 667 likes within 18 hours, and identifies six additional repositories using similar Python loaders in the same broader supply-chain pattern.

    Show sources