More Than 1,500 Hugging Face API Tokens Exposed, Major Projects Vulnerable
The exposed API tokens had write permissions, allowing attackers to modify files in account repositories and potentially manipulate existing models, posing a significant threat to organizations and their applications.