Attackers have exploited Hugging Face repositories to distribute Android RAT malware disguised as a security app, hosting thousands of malicious files on the trusted AI platform.

Bitdefender has identified a new Android malware campaign that used the Hugging Face public-facing infrastructure to host its malicious files.