Hugging Face Hiding Second-Stage Malware for npm Supply Chain Attack
ID: 839b6ce3-3661-5c31-9ffa-94f11381b931
STIX ID: report--839b6ce3-3661-5c31-9ffa-94f11381b931
Feed Name: DataBreaches.Net
Threat Score
A threat actor linked to North Korea reportedly weaponized the Hugging Face AI platform by embedding second-stage malware and using it as a delivery and live data-exfiltration backend; the campaign began with a malicious npm package, "terminal-logger-utils," which targeted software developers worldwide in a supply-chain attack.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.