In early May, a repository appeared on Hugging Face that disguised itself as an OpenAI model and installed an infostealer on Windows systems. The attackers used typosquatting and distributed the ...