National Cyber Warfare Foundation (NCWF)

Weaponized CVE-2026-39987 Pushes Blockchain Backdoor Through Hugging Face
0 user ratings		2026-04-17 08:15:09
milo
Red Team (CNA)

Attackers are rapidly exploiting CVE-2026-39987 in the marimo Python notebook platform to deploy a new NKAbuse backdoor variant hosted on Hugging Face Spaces, turning AI/ML developer environments into high‑value infection points. The campaign combines pre-auth RCE, credential theft, lateral movement to PostgreSQL and Redis, and a blockchain-based C2 channel that is difficult to monitor or […]


The post Weaponized CVE-2026-39987 Pushes Blockchain Backdoor Through Hugging Face appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.



Mayura Kathir

Source: gbHackers
Source Link: https://gbhackers.com/weaponized-cve-2026-39987/

Comments
new comment
Nobody has commented yet. Will you be the first?
  
Forum
Red Team (CNA)


Copyright 2012 through 2026 - National Cyber Warfare Foundation - All rights reserved worldwide.