Hugging Face Packages Weaponized With a Single File Tweak
ID: e4c42d6f-1694-5d05-8793-42b55b5a312c
STIX ID: report--e4c42d6f-1694-5d05-8793-42b55b5a312c
Feed Name: Dark Reading
HiddenLayer researchers disclosed a tokenizer.json manipulation weakness affecting locally run open-source models (Hugging Face SafeTensors, ONNX, GGUF and others): a maliciously edited tokenizer can control model outputs and perform a MitM-style exfiltration of accessed URLs, API parameters, and embedded credentials. The attack can be distributed via poisoned public model repositories and primarily impacts local deployments rather than cloud inference APIs.
