The Hugging Face Breach Is a Dataset-Pipeline RCE Wearing an AI Costume
Hugging Face says an autonomous agent breached its production infrastructure over a weekend by getting a malicious dataset to run code on a processing worker. Strip the AI theater and it’s a credential-blast-radius story about treating the ML pipeline as untrusted-code execution.