[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f9b947MQ_6YqCp_RsMqD8kL3ssLb8vaDiqUTxSTyoQgg":3},{"article":4,"iocs":46},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":13,"published_at":14,"ingested_at":15,"relevance_score":16,"entities":17,"category_id":26,"category":27,"article_tags":30},"36bb324f-c91c-45aa-8fa3-854e4ff4d399","Hugging Face Packages Weaponized With a Single File Tweak","hugging-face-packages-weaponized-with-a-single-file-tweak-9298b3","A tokenizer library file present in Hugging Face AI models can be manipulated to hijack the model's outputs and exfiltrate data.","Researchers discovered that tokenizer files in Hugging Face AI models represent a critical supply-chain vulnerability. A single file modification allows attackers to hijack model outputs and exfiltrate sensitive data without modifying the core model weights. This attack vector affects the broader AI\u002FML ecosystem where pre-trained models are widely downloaded and integrated into applications.","Hugging Face tokenizer files can be manipulated to hijack AI model outputs and exfiltrate data.",null,"https:\u002F\u002Fwww.darkreading.com\u002Fcloud-security\u002Fhugging-face-packages-weaponized-single-file-tweak","https:\u002F\u002Feu-images.contentstack.com\u002Fv3\u002Fassets\u002Fblt6d90778a997de1cd\u002Fblte4a392e468c2fede\u002F6a02399dd02601ddfa8e5443\u002FHugging_Face_Sidney_Van_den_Boogaard_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale","2026-05-12T14:00:00+00:00","2026-05-12T16:00:18.864216+00:00",8,[18,21,24],{"name":19,"type":20},"Hugging Face","vendor",{"name":22,"type":23},"tokenizer","technology",{"name":25,"type":23},"AI models","26b0b636-0e31-4db1-bffb-61bdf9f20a58",{"id":26,"icon":11,"name":28,"slug":29},"Supply Chain","supply-chain",[31,36,41],{"category":32},{"id":33,"icon":11,"name":34,"slug":35},"839da5c1-3c34-47e2-9499-f7201640e3ac","AI Security","ai-security",{"category":37},{"id":38,"icon":11,"name":39,"slug":40},"89f78b1c-3503-45a1-9fc7-e23d2ce1c6d5","Malware","malware",{"category":42},{"id":43,"icon":11,"name":44,"slug":45},"ade75414-7914-4e23-a450-48b64546ee70","Open Source","open-source",[]]