Hugging Face says it contained a high-velocity cyberattack on its production infrastructure carried out by a fully autonomous AI agent targeting AI supply chain systems.
In a security disclosure published Thursday, Hugging Face said attackers gained unauthorized access to a limited number of internal datasets and several service credentials after exploiting weaknesses in its data-processing pipeline. The company said it is still investigating whether any customer or partner information was affected and will notify impacted parties directly if necessary.
The company added that it has found no evidence that public models, datasets, Spaces, container images, or published software packages were altered.
Attack targeted data pipeline
According to Hugging Face, the breach began when a malicious dataset exploited two code-execution paths in its dataset-processing system. The attackers then elevated privileges, collected cloud and cluster credentials, and moved across multiple internal clusters over a weekend.
The company said the campaign was executed by an autonomous agent framework that performed thousands of actions across short-lived computing environments while shifting its command-and-control infrastructure across public services.
Hugging Face said the activity matches the long-discussed “agentic attacker” scenario, where AI systems can independently conduct complex, multi-stage cyber operations at machine speed.
AI-assisted defenses helped investigators respond
Hugging Face said its own AI-assisted security systems first detected unusual activity by analyzing security telemetry for suspicious patterns.
The company then used AI-driven analysis to examine more than 17,000 attacker events, allowing investigators to rebuild the attack timeline, identify compromised credentials, and distinguish real damage from misleading activity.
Hugging Face also said commercial AI models initially proved difficult to use during the investigation because their safety guardrails blocked analysis involving real attack commands and exploit data. Investigators instead completed the work using the open-weight GLM 5.2 model running on Hugging Face’s own infrastructure.
Security fixes underway
Following the incident, Hugging Face said it closed the vulnerable code-execution paths, rebuilt affected systems, revoked compromised credentials, tightened cluster security controls, and strengthened its detection and alerting systems.
The company also said it is working with outside cybersecurity forensic specialists and has reported the incident to law enforcement. As a precaution, Hugging Face is advising users to rotate access tokens and review recent account activity.
Must-read security coverage
- UK Police Convicts Pair in £5.5 Billion Bitcoin Launder Case
- Blackpoint Cyber vs. Arctic Wolf: Which MDR Solution is Right for You?
- How GitHub Is Securing the Software Supply Chain
- 8 Best Enterprise Password Managers
A turning point for AI security
The disclosure highlights how AI is rapidly becoming both an offensive and defensive tool in cybersecurity. While security researchers have warned that autonomous AI agents could eventually automate sophisticated attacks, Hugging Face says this incident demonstrates that such campaigns are no longer hypothetical.
For organizations building or deploying AI systems, the breach underscores that data pipelines, not just AI models themselves, have become critical security targets. It also suggests companies may need AI tools they can operate privately during incidents, especially when commercial AI services impose safeguards that can unintentionally slow legitimate forensic investigations.
Hugging Face said its investigation is ongoing and that it will notify affected customers or partners if necessary. Regardless of the final findings, the incident is likely to intensify debate over how organizations defend against increasingly autonomous AI-driven attacks—and whether traditional security tools can keep pace.
More News: Apple is warning iPhone users about a surge in FaceTime scams—here’s how the fraud works, what red flags to watch for, and how to report suspicious calls.