
MicrosoftSystem64 Malware Abuses HuggingFace Platform for Stealthy Data Theft

By Tushar Subhra Dutta

2d ago · 6 min read · en · News

Summary

A newly discovered malware named MicrosoftSystem64 is stealing data from infected computers by exfiltrating files through HuggingFace, a legitimate AI platform. The malware disguises itself as a legitimate Microsoft process to evade detection, and the attack chain begins with a poisoned npm package called js-logger-pack that went through 29 versions. This represents a significant shift in attack methodology, as threat actors abuse trusted infrastructure to move stolen data covertly.

Key quotes

The malware disguises itself as a legitimate Microsoft process, making it significantly harder for security tools to flag it as a threat.
Its ability to abuse trusted, widely used infrastructure marks a serious shift in how attackers move stolen data without being caught.
The attack starts with a poisoned npm package called js-logger-pack, which went through 29 versions
Snippet from the RSS feed
A newly discovered malware called MicrosoftSystem64 has been quietly stealing data from infected computers by routing stolen files through HuggingFace, the popular AI platform used by researchers and developers worldwide. The malware disguises itself as a
