Hugging Face - Geek Feed

Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face

April 19, 2026April 19, 2026 geekfeed0Tagged Actively Exploited, CVE-2026-39987, Hugging Face, malware, Marimo, NKAbuse, rce, Remote Code Execution

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware hosted on Hugging Face Spaces. Attacks leveraging the remote code execution flaw (CVE-2026-39987) started last week for credential theft, less than 10 hours after technical details were disclosed publicly, according to data from cloud-security company Sysdig. Sysdig researchers continued […]

3 mins read

Hugging Face abused to spread thousands of Android malware variants

February 2, 2026February 2, 2026 geekfeed0Tagged Abuse, android, Hugging Face, malware, mobile, Polymorphism, RAT, remote access trojan

A new Android malware campaign is using the Hugging Face platform as a repository for thousands of variations of an APK payload that collects credentials for popular financial and payment services. Hugging Face is a popular platform that hosts and distributes artificial intelligence (AI), natural language processing (NLP), and machine learning (ML) models, datasets, and […]

3 mins read