Hugging Face and ClawHub Platforms Exploited for Malware Distribution Targeting Users
Threat actors are exploiting AI distribution platforms such as Hugging Face and ClawHub to distribute malware, according to a report by Acronis. These platforms, which allow developers to share code, are being misused by cybercriminals who embed malicious code in shared files. The attacks rely on social engineering tactics to trick users into downloading files that execute commands, fetch payloads, and install hidden dependencies. Acronis identified nearly 600 malicious skills across 13 developer accounts on ClawHub, targeting both Windows and macOS systems. The attackers are leveraging the trust users place in these platforms to distribute trojans, cryptominers, and information stealers. The report highlights the increasing trend of threat actors shifting from traditional vectors to poisoning trusted distribution channels, particularly within AI-related ecosystems. 
