← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Poisoning the well: AI supply chain attacks on Hugging Face and OpenClaw
WHITE Tr1sa111 2026-05-12 Modified: 2026-05-12
43
IOCs
MEDIUM VOLUME
amos stealerclawhubopenclawhugging facetrojanized skillscryptominerai supply chainindirect prompt injection
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
AMOS Stealer
Indicators of Compromise (12 / 43 total)
All IPv4 FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain
TYPEINDICATORDESCRIPTIONCREATED
FileHash-SHA256 122bea967f4c194fd5820123d13b7b71422c31f92b9fc0b0fa05aac3ff03dfaa 2026-05-12
FileHash-SHA256 462af0a3a9094d44c30cc65544ec1171a62365cff09e67f5e87e061a3d604bd0 2026-05-12
FileHash-SHA256 579a82dde4425d95e20a22171be0a37702c833fdca6e5e04f69099a025863136 2026-05-12
FileHash-SHA256 89930bd18e0f9c9c98dfb1662cb87aa98348e87164ab62b1f39e86ebf2ce24cb 2026-05-12
FileHash-SHA256 9db18aa394f554aa455f3039ce734b1653cc999089889c551fe263bd4bdc39fc 2026-05-12
FileHash-SHA256 b5da6ffa5f85aa5016fbc02a3122361c85d21192c45df9544099d13e6ff84c36 2026-05-12
FileHash-SHA256 c7b93b6facfc23f49e35e81dc9c30cc69401b8245eeb7c032fc13656cd7e101f 2026-05-12
FileHash-SHA256 d42aecf76fb1531cd5b7139e669910b2fd82a90b7e11448128e226775bf5d42e 2026-05-12
FileHash-SHA256 d781d5cabaf5f305bbb8afcd9a54d7ba616bfa7aef5c4d16f6bce3d2bf3b4073 2026-05-12
FileHash-SHA256 e84b1e2c432b2394c403b524b8361ffa9923a022eb05215f1dc811bc167c3c5e 2026-05-12
FileHash-SHA256 f0a54f2b44e557854b0a5001c4e10185884af945814786f78b86539014f78a16 2026-05-12
FileHash-SHA256 fd3d52c2bb3764aabfe4da301967bfbc18e1c062d5dad2e9f4c3b6b6cf0ec9f8 2026-05-12
References (1)
↗ https://www.acronis.com/en/tru/posts/poisoning-the-well-ai-supply-chain-attacks-on-hugging-face-and-openclaw