A malicious Hugging Face repository that reached the platform’s trending list impersonated OpenAI’s “Privacy Filter” project to deliver information-stealing malware to Windows users.
The repository briefly reached #1 on Hugging Face and accumulated 244,000 downloads before the platform responded to reports and removed it.
The Hugging Face platform lets developers and researchers share AI models, datasets, and machine learning (ML) tools. Models are pre-trained AI systems hosted on the platform comprising weight files, configuration, and code.
Researchers at HiddenLayer, a company focused on safeguarding AI and ML models against attacks, discovered the campaign on May 7, after noticing a malicious repository named Open-OSS/privacy-filter.
“The repository had typosquatted OpenAI’s legitimate Privacy Filter release, copied its model card nearly verbatim, and shipped a loader.py file that fetches and executes infostealer malware on Windows machines,” the researchers explain.
Instructions from the malicious repository (Source: HiddenLayer)
The ‘loader.py’ Python script included fake AI-related code to appear harmless, but in the background, it disabled SSL verification, decoded a base64 URL pointing to an external resource, and then fetched and executed a JSON payload containing a PowerShell command.
The command, which is executed in an invisible window, downloads a batch file (start.bat) that performs privilege escalation, downloads the final payload (sefirah), adds it to Microsoft Defender’s exclusions, and executes it.
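A static triage check for the loader behaviour described above, as an added example that is not HiddenLayer's tooling or code from the article: it parses Python files from a downloaded model repository without running them and flags disabled TLS verification, base64-encoded URL literals, and process execution. The sample sources, the example.invalid URL, and all function names are constructed for illustration.

```python
import ast
import base64
import binascii
import re

URL_RE = re.compile(rb"^https?://", re.I)
TLS_OFF = {"ssl._create_unverified_context", "ssl.CERT_NONE"}
EXEC_CALLS = {"subprocess.run", "subprocess.Popen", "subprocess.call",
              "subprocess.check_output", "os.system", "exec", "eval"}

def _dotted(node):
    """Return 'a.b.c' for a Name/Attribute chain, '' for anything else."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        return ".".join(reversed(parts + [node.id]))
    return ""

def _hides_url(text):
    """True if a string literal base64-decodes to an http(s) URL."""
    if len(text) < 16:
        return False
    try:
        return bool(URL_RE.match(base64.b64decode(text, validate=True)))
    except (binascii.Error, ValueError):
        return False

def scan_source(source, filename="<repo file>"):
    """Parse (never execute) Python source; return sorted (line, finding) pairs."""
    found = set()
    for node in ast.walk(ast.parse(source, filename)):
        if isinstance(node, ast.Constant) and isinstance(node.value, str):
            if _hides_url(node.value):
                found.add((node.lineno, "base64-encoded URL literal"))
            elif "powershell" in node.value.lower():
                found.add((node.lineno, "PowerShell reference"))
        elif isinstance(node, ast.Attribute) and _dotted(node) in TLS_OFF:
            found.add((node.lineno, "TLS verification disabled"))
        elif isinstance(node, ast.Call):
            name = _dotted(node.func)
            if name in EXEC_CALLS:
                found.add((node.lineno, "process/code execution via " + name))
            for kw in node.keywords:  # e.g. requests.get(url, verify=False)
                if (kw.arg == "verify" and isinstance(kw.value, ast.Constant)
                        and kw.value.value is False):
                    found.add((node.lineno, "TLS verification disabled"))
    return sorted(found)

def looks_like_loader(source):
    """True when all three traits reported for loader.py appear together."""
    kinds = {kind.split(" via ")[0] for _, kind in scan_source(source)}
    return {"TLS verification disabled", "base64-encoded URL literal",
            "process/code execution"} <= kinds

# Constructed inputs: disconnected statements that are parsed, never run.
_ENC = base64.b64encode(b"https://example.invalid/cfg.json").decode()
SAMPLE = f'''import base64, ssl, subprocess
ctx = ssl._create_unverified_context()
url = base64.b64decode("{_ENC}").decode()
subprocess.run(["powershell", "-WindowStyle", "Hidden", "-Command", cmd])
'''
BENIGN = '''from transformers import pipeline
clf = pipeline("token-classification", model="some/model")
print(clf("hello"))
'''

if __name__ == "__main__":
    for line, finding in scan_source(SAMPLE, "loader.py"):
        print(f"loader.py:{line}: {finding}")
    print("loader-like:", looks_like_loader(SAMPLE))
```

A clean result only means these three traits were not found in that form; it does not clear a repository whose code hides them differently.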
The final payload is a Rust-based infostealer that targets the following sensitive data:
• Browser data from Chromium- and Gecko-based browsers (e.g., cookies, saved passwords, encryption keys, browsing data, session tokens)
• Discord tokens, local databases, and master keys
• Cryptocurrency wallets and wallet browser extensions
• SSH, FTP, and VPN credentials and configuration files, including FileZilla
• Sensitive local files and wallet seeds/keys
• System information
• Multi-monitor screenshots
The stolen data is compressed and exfiltrated to a command-and-control (C2) server at recargapopular[.]com.
HiddenLayer highlights the malware’s extensive anti-analysis features, which include checks for virtual machines, sandboxes, debuggers, and analysis tools, all with the purpose of evading analysis systems.
The exact number of victims in this incident is unclear, and the researchers note that the vast majority of the 667 accounts that liked the malicious repository on Hugging Face appear to be auto-generated. Additionally, the 244,000 download count may have been artificially inflated.
By examining those accounts, the researchers uncovered other repositories that used the same malicious loader infrastructure. HiddenLayer researchers also noticed overlaps with an npm typosquatting campaign distributing the WinOS 4.0 implant.
Users who downloaded files from the malicious repository are advised to reimage the machine, rotate all stored credentials, replace cryptocurrency wallets and seed phrases, and invalidate browser sessions and tokens.
Threat actors have abused Hugging Face in the past to host malicious models, despite the platform’s security measures.
Sources tell DigiTimes that after Intel launches its Nova Lake processors in the second half of this year, Razor Lake will follow in late 2027, with Titan Lake and Moon Lake arriving in 2028. The desktop and mobile lineups are expected to directly address areas where Chipzilla has fallen behind AMD.
Engineers and drivers gathered at the Colmis Proving Ground in Arjeplog, northern Sweden, for a four-week endurance test of the new Bugatti Tourbillon hypercar under the worst winter conditions possible. As they arrived, the place was a winter paradise (or nightmare), with snow piled up everywhere and temps starting at -30 degrees. Conditions were also slippery, with drivers encountering a mix of slick ice, hard-packed snow, slush, and even some asphalt, which presented some unexpected surprises. Their mission was simple: ensure that every function in the automobile worked flawlessly regardless of the weather.
At the heart of it all was a team of around 20 people, with a tiny core of six working long hours on weekends and at night. When the temperature rose somewhat during the day, the ice and slush softened, so they shifted their daytime testing sessions to after dark, when the surfaces were still frozen solid, which was ideal for collecting important data. The Chief Development Driver, Miroslav Zrnčević, emphasized the need for testing hypercars such as the Tourbillon in cold and icy conditions to ensure consistent and reliable performance for customers.
First, the team focused on the brake-by-wire technology. This thing has three electric motors that generate regenerative braking, two in the front and one in the back, as well as hydraulic brakes for good measure. However, when they are stuck on low-grip terrain (such as ice), it can be difficult to get the entire system to work together in the brake pedal such that it feels natural and predictable. They also had to cope with some really dangerous events known as MU-jumps, in which you’d be stranded on beautiful hot asphalt and then abruptly encounter ice in the middle of a stop, but to their delight, the brakes, ABS, and stability control all did an excellent job of remaining calm and stable.
Next, the drivers focused on traction control and fine-tuning all-wheel drive. This beast is powered by a naturally aspirated V16 engine and electric motors that drive all four wheels. When you’re in Comfort mode, the system is basically monitoring your back and will take action early to keep the wheels in line. However, when you switch to Sport mode, the vehicle begins to behave more neutrally and the engine begins to make the sound it is designed to make. And if you switch to Track mode, you may practice controlled drifting without losing grip completely.
The team then tested the climate control to check how quickly the interior warmed up, whether the windshield wipers kept the fog away, and whether the air remained comfortable for hours on end. The drivers made their observations, then conducted some objective tests to validate their findings, all while the motor was merrily cranking out lots of heat and the HVAC unit had to keep running to keep things from becoming too sticky in the cabin.
After Noctua recently released CAD files for a range of their computer fans, one of the first thoughts that popped up for most people was: Can you just 3D print their fans? Even though Noctua begs you not to 3D print the files and even says they changed the design slightly so it wouldn’t be the same anyway, the question persists. Fortunately, [Steve] of Gamers Nexus is here to help us answer the question of whether it makes sense to 3D print a computer fan.
Unsurprisingly, the answer is mostly a resounding ‘no’. After reworking the original CAD models to be both printable on a Bambu Lab FDM printer and printing the parts in PLA, the arguably most important part, the motor, still had to be sourced from an original Noctua fan. Although you could source a cheaper motor, that could change the fan’s characteristics.
The other issue is materials. The special polymer that Noctua uses for its fans is designed not to change shape significantly when the fan blades are spinning, whereas PLA and basically every other thermoplastic will likely deform enough to hit the inside of the fan with the blades. For this reason, a 3 mm gap was used in the PLA print compared with the approximately 0.5 mm gap of the original Noctua fan.
Using the professional fan tester and semi-anechoic chamber over at Gamers Nexus, the original and replica fans were compared, showing that the 3D-printed fan had a similar noise profile but produced only about half the airflow. This is likely due to the blade shape and angle, the increased gap, and probably a dozen other details that presumably justify putting a cool $40 down for the original fan.
In short, you’re probably best off using these Noctua fan CAD models for fit testing in a larger CAD model, or 3D printing it for a similar purpose, rather than for a functional fan design. At least now we know. Thanks, [Steve].
Mercedes-AMG doesn’t do things quietly, and its latest behind-the-scenes video is a testament to that. The automaker has published an 11-minute video on its official YouTube channel, giving us an extended look at the development of the AMG GT 4-Door Coupe, its first car built on the new AMG.EA electric platform.
It is being framed as the most ambitious undertaking in the automaker’s entire history, which, in my opinion, is a bold claim for a company that’s been building performance cars for over 55 years.
What makes the AMG.EA platform different from other electric cars?
Unlike the company’s existing EQ electric lineup, the AMG.EA platform was built from the ground up, specifically for high-performance driving; it’s not an adapted version of a family car architecture.
The video explains how the engineering team developed the AMG Race Engineer system, which gives drivers three rotary controllers: Response Control, Agility Control, and Traction Control. These will provide an active control on the car’s on-road behavior.
While the system performed well during winter testing on low-friction surfaces in Sweden, a setback at the Papenburg high-speed oval, under heavy load and hard cornering, forced the design team back to the drawing board.
Has anyone actually driven the car, and is it ready?
The video shows Formula 1 driver George Russell behind the wheel of the prototype. He called the power delivery “so easy” to manage, a meaningful endorsement from someone who manages 1,000 horsepower in a racing car.
That said, AMG has been upfront that the car hasn’t yet reached the maturity level required for a release. Development is in progress, but there’s no confirmed launch date. For now, the company is building anticipation without overpromising, sharing the honest progress report with us, combined with Russell’s stamp of approval.
For me, the AMG.EA story matters beyond Mercedes. Every legacy performance brand is wrestling with the same dilemma: how to translate decades of combustion character into an electric car without the core and soul that built the brand.
Lime, the micromobility company known for its electric scooters and bicycles which are dumped across city streets, has filed for an initial public offering. The rental startup, which is officially known as Neutron Holdings, filed with the Securities and Exchange Commission on Friday, after teasing ambitions of going public back in 2021.
The company that offers short-term rentals for its bright green scooters and bicycles was founded in 2017 and quickly won backing from major companies like Uber. In the SEC filing, Lime reported that it earned $521 million in revenue in 2023, growing to $686.6 million in 2024 and $886.7 million in 2025. As of the end of last year, Lime reported operating in approximately 230 cities across 29 countries. The company’s CEO, Wayne Ting, even noted that Lime had surpassed one billion trips in 2025 in the letter from the CEO accompanying the IPO filing.
However, the startup is still looking to get out of the red and the IPO filing may help with that. According to the filing, Lime saw net losses of $59.3 million in 2025 and has already recorded $61.3 million more in losses in the first quarter of 2026. The filing also indicated that buying Lime’s common stock could open investors up to some risk factors, including its “history of net losses” and the potential for not being able to “achieve or maintain profitability in the future.” Lime’s competitors have tried and failed to achieve profitability, as seen with Bird going public but then filing for bankruptcy in 2023.
A historic 13-hour concert staged in West Africa in February 1971 before a crowd of 100,000 has been newly restored and reissued by Liberation Hall across multiple formats. Captured on film as the documentary Soul to Soul, the event celebrated 14 years of independence in Ghana and brought together some of the era’s most powerful performers.
The performances feature no less than Tina Turner, Wilson Pickett, The Staples Singers, Santana, Les McCann & Eddie Harris as well as The Voices of East Harlem. Available on CD and vinyl, and soon on Blu-ray discs, these performances are stellar!
The original Soul To Soul soundtrack album reached No. 10 on the Billboard charts in 1971, but featured a somewhat different track list from this new release. Roberta Flack declined the use of her performances for the DVD and Blu-ray editions, and in some ways that absence works in the set’s favor. This updated lineup offers a more cohesive snapshot of the other acts on the bill and arguably delivers a stronger sense of the concert’s raw energy overall.
For example, the previously unreleased smoking performances from young Santana stand out, showing this fully formed artist still fresh from his 1969 Woodstock ascension, here with special guest Latin percussionist Willie Bobo and Ghanaian drummer Obo Addy.
The other artists are equally great including Wilson Pickett, reportedly the only American artist who was well known in Ghana at that time. Underscoring that detail, there is a priceless moment at the start of the film where a surprised Ike Turner appears taken aback by the Beatles-level welcome which Pickett receives at the airport as the artists disembark the plane.
Pickett’s concert performance is spectacular, capturing the classic ’60s soul artist very much at the top of his game. Ike & Tina Turner’s set sizzles as well and I also very much enjoyed The Staples Singers — featuring Mavis Staples — as well as the joyful Voices Of East Harlem. There are also poignant documentary moments within the film including four separate audio commentary tracks featuring many of the performing artists and original film producer.
Overall the video quality of this 2K restoration, created from original film elements, is excellent. It looks about as good as can be expected from a 1971 concert film which, by the way, was directed by Academy Award winner Denis Sanders and produced by Tom Mosk & Richard Bock. The audio was captured by the legendary Wally Heider Recording. The standard Dolby stereo audio sounds quite solid but don’t go into this expecting a fancy Atmos remix experience. It is what it is, in that sense.
Mark Smotroff is a deep music enthusiast / collector who has also worked in entertainment oriented marketing communications for decades supporting the likes of DTS, Sega and many others. He reviews vinyl for Analog Planet and has written for Audiophile Review, Sound+Vision, Mix, EQ, etc. You can learn more about him at LinkedIn.
A new NYT Strands puzzle appears at midnight each day for your time zone – which means that some people are always playing ‘today’s game’ while others are playing ‘yesterday’s’. If you’re looking for Saturday’s puzzle instead then click here: NYT Strands hints and answers for Saturday, May 9 (game #797).
Strands is the NYT’s latest word game after the likes of Wordle, Spelling Bee and Connections – and it’s great fun. It can be difficult, though, so read on for my Strands hints.
Want more word-based fun? Then check out my NYT Connections today and Quordle today pages for hints and answers for those games, and Marc’s Wordle today page for the original viral word game.
SPOILER WARNING: Information about NYT Strands today is below, so don’t read on if you don’t want to know the answers.
NYT Strands today (game #798) – hint #1 – today’s theme
What is the theme of today’s NYT Strands?
• Today’s NYT Strands theme is… We all saw it
NYT Strands today (game #798) – hint #2 – clue words
Play any of these words to unlock the in-game hints system.
BOATER
SOUR
TRIES
CRUST
CRAB
TURN
NYT Strands today (game #798) – hint #3 – spangram letters
How many letters are in today’s spangram?
• Spangram has 8 letters
NYT Strands today (game #798) – hint #4 – spangram position
What are two sides of the board that today’s spangram touches?
First side: bottom, 3rd column
Last side: top, 4th column
Right, the answers are below, so DO NOT SCROLL ANY FURTHER IF YOU DON’T WANT TO SEE THEM.
NYT Strands today (game #798) – the answers
The answers to today’s Strands, game #798, are…
OVERT
BRAZEN
GLARING
BLATANT
OBVIOUS
FLAGRANT
SPANGRAM: CLEARCUT
My rating: Hard
My score: 2 hints
Do you ever have those days where you just don’t get on with Strands and fail to see any words at all?
I had one of those days today, needed a hint to get going and a lot of effort to eventually complete the search. Often when this is the case it’s because I don’t understand the theme, but that wasn’t the case here, especially after being given OVERT and BRAZEN. In short it was all far from OBVIOUS.
Perhaps my late night binge watching Pluribus has something to do with it. Frankly, I could have done with a hive mind.
Yesterday’s NYT Strands answers (Saturday, May 9, game #797)
ARTICHOKE
LETTUCE
RADISH
ONION
ASPARAGUS
SPANGRAM: SPRINGVEGGIES
What is NYT Strands?
Strands is the NYT’s not-so-new-any-more word game, following Wordle and Connections. It’s now a fully fledged member of the NYT’s games stable that has been running for a year and which can be played on the NYT Games site on desktop or mobile.
I’ve got a full guide to how to play NYT Strands, complete with tips for solving it, so check that out if you’re struggling to beat it each day.
The nearly universal 10% tariffs enacted by Trump have been declared illegal, pending appeal, so Apple may get even more cost reduction across its supply chain and additional refunds.
The so-called “Liberation Day” on April 2, 2025 hit Apple’s supply chain like a ton of bricks. A year later, those “reciprocal” tariffs were declared illegal and new global tariffs were put in place immediately.
President Trump attempted to utilize a never-before-used provision to enact the 10% tariffs without congressional approval, but that has backfired. On Thursday, the Court of International Trade found those new global tariffs were also illegal.
Section 122 of the Trade Act of 1974 allowed a sitting President to enact an up to 15% tariff for 150 days. It was meant to be used in response to “balance of payment” issues, according to the New York Times.
Lawsuits ensued and the courts didn’t take long to arrive at the conclusion that these broad tariffs were also illegal. This is yet another blow to the administration after the previous tariffs were struck down in February by the Supreme Court.
Trump has long claimed the illegal tariffs were put in place to balance “unfair” deficits created by other countries’ trade. Instead, the billions collected have to be returned to the companies that paid them.
The end result was a year of pain for American wallets.
How tariffs affect Apple
Apple is a global company with a giant supply chain that ships products from everywhere. Any universal tariff automatically cuts into Apple’s margins or requires prices to change somewhere.
Luckily, so far, Apple CEO Tim Cook’s actions have buttered Trump up and gained them some exceptions. Apple never raised prices to combat tariffs and will now use the refunded cash to invest into the United States.
It isn’t clear what’s next for the Trump administration beyond an appeal. If the ruling holds, it could mean some sanity returning to global trade.
The tariff rates could finally return to an average of around 2.7% for Apple that was in place for the Biden administration. Consumer goods could also see some prices drop thanks to the end of the trade war.
There’s no predicting exactly how this ruling will affect Apple. It should mean recovered revenue and wider product margins.
For Trump, it’s bad news as he heads to China to discuss trade with Xi Jinping. The loss of the illegal tariffs as leverage could hurt negotiations, but Cook will be there with other executives as a power play.
Following the success of its Artemis II crewed mission, NASA is now turning its focus to the next milestones in its plan to put astronauts back on the moon. The space agency has been eyeing a moon landing in 2028, and it’s tapped Blue Origin and SpaceX to provide the landers that could support humans on the surface (though neither company has demonstrated a moon landing yet). This week, NASA shared that it now has a full-scale prototype of the crew cabin of Blue Origin’s Mark 2 lander so it can begin training.
With the 15-foot-tall prototype at NASA’s Johnson Space Center, the space agency and Blue Origin will be able to “conduct a series of human-in-the-loop tests, or tests with human interaction, including mission scenarios, mission control communications, spacesuit checkouts, and preparations for simulated moonwalks,” NASA explained. This mock-up only includes the crew cabin, which sits at the base of the lander — the whole thing with the rest of the systems integrated will be a towering 52-feet-tall when it goes to the moon. But as recent attempts have shown, landing smoothly on the moon isn’t easy, and both Blue Origin and SpaceX have their work cut out for them to get their landers ready on NASA’s current timeline.
An uncrewed version of Blue Origin’s lander, dubbed Endurance (or MK1), has been undergoing testing in NASA’s thermal vacuum chamber ahead of its first mission this year, in which it will deliver science payloads to the lunar surface. For the next leg of the Artemis program, the Artemis III crew will fly in the Orion spacecraft to low Earth orbit and test docking capabilities with Blue Origin and SpaceX’s landers, or whichever one is ready. NASA is targeting 2027 for this mission.
To upgrade its grid for data centers, PJM Interconnection (which serves 13 states) plans to spend $22 billion — and charge nearly $2 billion of that to customers in Maryland, argues Maryland’s Office of People’s Counsel. The money “will be recovered in rates for decades” and “drive up Maryland customer bills by $1.6 billion over the next ten years alone,” they said Friday, announcing an official complaint filed with America’s Federal Energy Regulatory Commission.
Extra demand is expected from Ohio, Pennsylvania, and Illinois “where demands driven by data centers are projected to grow substantially by 2036,” they explain. But that means that Maryland customers “are subsidizing data center-driven transmission buildout by virtue of geographic proximity…” Tom’s Hardware explains:
That means an extra $823 million for residential (approx. $345 per customer), $146 million for commercial (approx. $673 per customer), and $629 million for industrial customers (approx. $15,074 per customer)… “Maryland customers have neither caused the need for these billions in new transmission projects nor will they meaningfully benefit from them,” [according to Maryland People’s Counsel David S. Lapp]….