LIVE THREATS
CRITICAL Typosquatted OpenAI Repo on Hugging Face Delivered Rust Infostealer to 244K Users // HIGH Fake OpenAI Repository on Hugging Face Delivers Rust-Based Infostealer // HIGH ClaudeBleed Flaw Lets Rogue Chrome Extensions Hijack AI Agent // HIGH Claude Mythos AI-Assisted Fuzzing Uncovers 423 Firefox Security Bugs in One Month // HIGH Fake Claude AI Site Used to Distribute Beagle Backdoor and PlugX Malware // HIGH Malicious Repos Trigger Silent Code Execution in Claude, Cursor, Gemini CLIs // HIGH Mitiga Labs: MCP Hijack Attack Steals Claude Code OAuth Tokens via Silent … // HIGH Pixel-Level Perturbations Enable Invisible Prompt Injection in Vision-Language Models // CRITICAL Prompt Injection Achieves Remote Code Execution in Semantic Kernel Agent Framework // HIGH Unmanaged AI Agents Expose Enterprise Identity Perimeters to Silent Compromise //
MALICIOUS-REPOSITORY

Malicious-Repository

1 report
All LLM Security Industry News Agentic AI Research Supply Chain Prompt Injection Regulatory Adversarial ML Jailbreaks Model Theft Data Poisoning
Typosquatted OpenAI Repo on Hugging Face Delivered Rust Infostealer to 244K Users
ATLAS OWASP CRITICAL Active exploitation · Immediate action required The Hacker News ▲ 8.5

Typosquatted OpenAI Repo on Hugging Face Delivered Rust Infostealer to 244K Users

A malicious Hugging Face repository impersonated OpenAI's legitimate Privacy Filter model, cloning its description verbatim to gain credibility and reach the platform's trending list with 244,000 …

AML.T0010 - ML Supply Chain Compromise AML.T0019 - Publish Poisoned Datasets AML.T0047 - ML-Enabled Product or Service