Fake OpenAI Repository on Hugging Face Distributes Info-Stealing Malware

A malicious repository on Hugging Face impersonated OpenAI’s "Privacy Filter" project to distribute information-stealing malware targeting Windows users. The fake repository appeared on the platform’s trending list, increasing its visibility. The malware was designed to exfiltrate sensitive data from infected systems. No specific technical indicators, dates, or CVE IDs were mentioned in the reported incident. The attack leveraged the trust associated with OpenAI’s branding to deceive users. The full impact of the campaign remains undisclosed.