Hugging Face2026-05-15
Tokenizer-hijack and OpenAI typosquat malware hit Hugging Face

AI Analysis
Researchers showed a single-file tweak to tokenizer libraries inside Hugging Face models can hijack outputs and exfiltrate data, while a top-ranking repo was found typosquatting OpenAI to deliver infostealer malware. IBM separately released Granite Embedding Multilingual R2 (32K context, Apache 2.0) on the hub.