Cybercriminals are exploiting AI distribution platforms Hugging Face and ClawHub to spread malware by disguising malicious code as legitimate shared files, according to security firm Acronis. Acronis discovered nearly 600 malicious skills on ClawHub distributing trojans, cryptominers, and information stealers for Windows and macOS, while multiple campaigns on Hugging Face targeted Windows, Linux, and Android systems with infostealers and malware loaders. The attacks rely on social engineering and users' trust in these legitimate platforms rather than compromising the AI systems themselves, with threat actors shifting from traditional malware distribution methods to poisoning trusted developer communities.