Hugging Face and ClawHub Abused as Malware Distribution Platforms
Threat actors are exploiting the trust users place in the AI development platforms Hugging Face and ClawHub to distribute malware, using social engineering to lure users into downloading files that carry malicious instructions.
The attack vector exploits the assumption that content hosted on AI-focused platforms is legitimate: victims are directed toward files disguised as models, datasets, or tools. Organizations using Hugging Face or ClawHub for model downloads should verify artifact checksums against digests pinned through an independent channel (a checksum published beside the file in the same repository proves nothing if the repository itself is attacker-controlled), prefer signed or verified repositories, and restrict which sources developers are permitted to pull from. Bear in mind that several common model serialization formats run code at load time, so for those files loading is already execution and the checks must happen before the file reaches any loader.
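The following is an added example, not code from the article or from Hugging Face or ClawHub, of a download gate that applies the two controls above: an exact allowlist of (host, owner/repo) sources and a pinned SHA-256 checked before the artifact reaches any loader. The repository names, URLs, file contents and digests are constructed for the demonstration.

```python
"""Added example: a download gate for model/skill artifacts that enforces a
repository allowlist and a pinned SHA-256 before anything loads the file.
Illustrative code, not Hugging Face or ClawHub tooling; the repo names,
URLs and digests below are constructed for the demo."""
import hashlib
import hmac
from urllib.parse import urlparse

# Sources developers may pull from, as (host, "owner/repo"). Assumed values.
ALLOWED_REPOS = {("huggingface.co", "acme-ml/sentiment-base")}

# Pinned digests, recorded when the artifact was reviewed and kept in version
# control. They must come from an independent channel, never from the same
# page or repo the file is fetched from. Computed here from constructed bytes.
PINNED_SHA256 = {
    "model.safetensors": hashlib.sha256(b"constructed model bytes v1").hexdigest(),
}


def source_allowed(url: str) -> bool:
    """Exact host match plus owner/repo match: lookalike hosts and other
    repositories on the same platform are rejected."""
    p = urlparse(url)
    if p.scheme != "https" or p.hostname is None:
        return False
    parts = p.path.strip("/").split("/")
    if len(parts) < 2:
        return False
    return (p.hostname, "/".join(parts[:2])) in ALLOWED_REPOS


def check_artifact(url: str, filename: str, data: bytes) -> tuple[bool, str]:
    """Return (accepted, reason). Run this before the bytes touch any loader."""
    if not source_allowed(url):
        return False, "source not allowlisted"
    expected = PINNED_SHA256.get(filename)
    if expected is None:
        return False, "no pinned digest"
    actual = hashlib.sha256(data).hexdigest()
    if not hmac.compare_digest(actual, expected):
        return False, "digest mismatch"
    return True, "ok"


def demo() -> dict:
    """Exercise the gate with constructed inputs; returns name -> (accepted, reason)."""
    good = "https://huggingface.co/acme-ml/sentiment-base/resolve/main/model.safetensors"
    lookalike = "https://huggingface.co.evil.example/acme-ml/sentiment-base/resolve/main/model.safetensors"
    other_repo = "https://huggingface.co/some-user/sentiment-base/resolve/main/model.safetensors"
    genuine = b"constructed model bytes v1"
    tampered = b"constructed model bytes v1 + payload"
    return {
        "genuine": check_artifact(good, "model.safetensors", genuine),
        "tampered": check_artifact(good, "model.safetensors", tampered),
        "lookalike_host": check_artifact(lookalike, "model.safetensors", genuine),
        "other_repo": check_artifact(other_repo, "model.safetensors", genuine),
        "unpinned_file": check_artifact(good, "setup.bin", genuine),
    }


if __name__ == "__main__":
    for name, (ok, why) in demo().items():
        print(f"{name:15} {'ACCEPT' if ok else 'REJECT'} ({why})")
```

A digest match only proves the bytes are the ones that were reviewed when the pin was recorded; the review itself is what establishes that the artifact is safe. In a real pipeline the fetched bytes would be written to a quarantine path and handed to the loader only after `check_artifact` returns `(True, "ok")`.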
This follows a broader pattern of threat actors weaponizing AI development infrastructure. Security teams should add Hugging Face, ClawHub and similar AI repository domains to proxy and egress monitoring scope, alert on artifact downloads that fall outside the approved repositories or originate from hosts that are not sanctioned build systems, and ensure download pipelines validate integrity before any artifact is loaded or executed.
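As an added example of the monitoring step, not code from the article or any vendor, the block below scans proxy log lines for artifact downloads from AI repository hosts and raises an alert when the repository is not on the approved list or the requesting host is not a sanctioned build runner. The key=value log format, IP addresses, user names and URLs are constructed; `clawhub.ai` is an assumed hostname to be replaced with whatever the registry actually resolves to in your environment, and the Hugging Face `/resolve/` path pattern is the one its file download URLs use.

```python
"""Added example: flag artifact downloads from AI repositories that are
outside the approved repo set or come from non-build hosts. Log format,
addresses and URLs are constructed; clawhub.ai is an assumed hostname."""
import re
from urllib.parse import urlparse

# Hosts whose downloads we watch (clawhub.ai assumed, see lead-in).
MONITORED_HOSTS = {"huggingface.co", "hf.co", "clawhub.ai"}
# Repositories the organization has reviewed and approved (assumed values).
APPROVED_REPOS = {"acme-ml/sentiment-base"}
# Hosts allowed to pull artifacts at all: the CI runners (assumed addresses).
BUILD_RUNNERS = {"10.0.1.10", "10.0.1.11"}
# Extensions that indicate a model, dataset or tool artifact rather than a page view.
ARTIFACT_EXT = (".safetensors", ".bin", ".pt", ".pkl", ".pickle", ".zip", ".tar.gz", ".gguf")

# Constructed proxy log lines in a simple key=value format.
SAMPLE_LOG = [
    "ts=2025-01-06T09:00:01Z src=10.0.1.10 user=ci-runner method=GET "
    "url=https://huggingface.co/acme-ml/sentiment-base/resolve/main/model.safetensors status=200",
    "ts=2025-01-06T09:02:17Z src=10.0.0.42 user=alice method=GET "
    "url=https://huggingface.co/random-user/free-tools/resolve/main/setup.bin status=200",
    "ts=2025-01-06T09:03:40Z src=10.0.1.11 user=ci-runner method=GET "
    "url=https://huggingface.co/acme-ml/sentiment-base/resolve/main/README.md status=200",
    "ts=2025-01-06T09:05:12Z src=10.0.0.42 user=alice method=GET "
    "url=https://huggingface.co/acme-ml/sentiment-base/discussions status=200",
    "ts=2025-01-06T09:07:55Z src=10.0.0.7 user=bob method=GET "
    "url=https://clawhub.ai/skills/helper-pack/download/helper.zip status=200",
]

KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')


def parse_line(line: str) -> dict:
    """Split a key=value log line into a dict (quoted values supported)."""
    return {k: v.strip('"') for k, v in KV_RE.findall(line)}


def is_artifact_download(url: str) -> bool:
    """True for file downloads from a monitored host; page views are ignored."""
    p = urlparse(url)
    if p.hostname not in MONITORED_HOSTS:
        return False
    return "/resolve/" in p.path or p.path.lower().endswith(ARTIFACT_EXT)


def repo_of(url: str) -> str:
    """First two path segments, e.g. 'owner/repo' on Hugging Face."""
    parts = urlparse(url).path.strip("/").split("/")
    return "/".join(parts[:2]) if len(parts) >= 2 else ""


def scan(lines) -> list:
    """Return one alert dict per offending download, with the reasons."""
    alerts = []
    for line in lines:
        f = parse_line(line)
        url = f.get("url", "")
        if not is_artifact_download(url):
            continue
        reasons = []
        if repo_of(url) not in APPROVED_REPOS:
            reasons.append("unapproved repository")
        if f.get("src") not in BUILD_RUNNERS:
            reasons.append("download from non-build host")
        if reasons:
            alerts.append({"ts": f.get("ts"), "src": f.get("src"),
                           "user": f.get("user"), "url": url, "reasons": reasons})
    return alerts


if __name__ == "__main__":
    for a in scan(SAMPLE_LOG):
        print(f"{a['ts']} {a['src']} {a['user']} {a['url']} -> {', '.join(a['reasons'])}")
```

Full URL paths are only available when the proxy terminates TLS; with SNI-only visibility the rule degrades to host level, which still catches artifact pulls from workstations that should never be fetching models directly.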