Hugging Face infra abused to unfold Android RAT in a large-scale malware marketing campaign

January 30, 2026

Among the many requested permissions are Accessibility Companies, display screen recording, display screen casting, and overlay show rights. Collectively, these give the malware in depth visibility into consumer interplay and the flexibility to seize on-screen content material throughout apps.

The researchers stated these capabilities can be utilized to observe and report consumer exercise in actual time, show pretend authentication interfaces mimicking fashionable monetary platforms (like Alipay and WeChat) to reap credentials, seize lock display screen patterns and biometric inputs, and exfiltrate harvested information again to an actor-controlled command and management (C2) server.

Bitdefender stated it contacted Hugging Face earlier than publishing the disclosure, and the latter shortly took down the datasets containing malware. Hugging Face didn’t instantly reply to CSO’s request for feedback.

For added assist, Bitdefender has shared a listing of indicators of compromise (IoCs), together with dropper hashes, IPs, domains, and bundle names.

- Advertisment -

Badges, Bytes and Blackmail Jan 30, 2026 Cybercrime / Menace Intelligence Behind the scenes of regulation enforcement in cyber: what will we learn about caught cybercriminals? What introduced them in, the place do they arrive from and what was their operate within the crimescape? Introduction: One view on the scattered struggle in opposition to cybercrime The rising sophistication and diversification of cybercrime have compelled regulation enforcement companies worldwide to reply by more and more coordinated and publicized actions. But, regardless of the visibility of those operations, there stays no complete overview, to our information, on how regulation enforcement is addressing cybercrime globally. Publicly out there data is dispersed throughout companies, jurisdictions, case-specific reporting (e.g., "Operation Endgame") [1] , and reporting codecs, providing fragmented insights somewhat than a cohesive understanding of what sorts of crime are being focused, what actions are taken, and who the offenders are. This leads to remoted glimpses somewhat than a constant world image. Therefor…

Hugging Face infra abused to unfold Android RAT in a large-scale malware marketing campaign

Startup Amutable plotting Linux security overhaul to counter hacking threats

Informant advised FBI that Jeffrey Epstein had a ‘private hacker’

Is Africa the following ransomware hotspot?

LEAVE A REPLY Cancel reply

Most Popular

PixieFail flaws affect PXE community boot in enterprise techniques

PixieFail UEFI Flaws Expose Tens of millions of Computer systems to RCE, DoS, and Data Theft

New Marvin assault revives 25-year-old decryption flaw in RSA

Why Instagram Threads is a hotbed of dangers for companies

1000’s of Juniper gadgets susceptible to unauthenticated RCE flaw

Phishing Campaigns Ship New SideTwist Backdoor and Agent Tesla Variant

Prospects warned to cancel bank cards

EDITOR PICKS

RA World Ransomware Attack in South Asia Hyperlinks to Chinese language Espionage Toolset

Lenovo chatbot breach highlights AI security blind spots in customer-facing programs

The Position of AI in E mail Safety: Past Phishing Detection

POPULAR News

PixieFail flaws affect PXE community boot in enterprise techniques

PixieFail UEFI Flaws Expose Tens of millions of Computer systems to RCE, DoS, and Data Theft

New Marvin assault revives 25-year-old decryption flaw in RSA

POPULAR TAGS

POPULAR Tags

POPULAR Tags

ABOUT US

FOLLOW US