Hack on Marimo: How NKAbuse malware exploits Python notebooks
Discover how a vulnerability in Marimo allows attackers to deploy malware from Hugging Face, compromising security in AI environments.

The emerging threat in Python notebooks
The artificial intelligence and data science development ecosystem has been shaken recently following the discovery that malicious actors are exploiting a critical vulnerability in Marimo, a reactive Python notebook platform. Unlike traditional tools, this hack allows for remote code execution, facilitating the deployment of a sophisticated variant of the malware known as NKAbuse.
This incident highlights a worrying trend: attackers are using legitimate model and project hosting platforms, such as Hugging Face Spaces, to distribute malicious payloads. This strategy not only facilitates distribution but also allows the malware to camouflage itself under trusted infrastructure, complicating detection by security teams.
What is NKAbuse and how does it operate?
NKAbuse is not conventional software; it is a malware with backdoor capabilities designed to persist in compromised systems. By leveraging the flexibility of Marimo, attackers manage to:
- Establish communications via the Discord protocol for command and control (C2).
- Silently download additional payloads.
- Escalate privileges within the execution environment.
"The use of AI platforms to host malware represents a shift in the attack paradigm, forcing developers to audit their dependencies with greater rigor," security experts comment.
Security lessons: Beyond Marimo
This incident adds to a series of recent breaches affecting automation and deployment tools. Just as we saw in the case of the Hack with n8n: Malware and Phishing via Webhooks, the lack of validation in the execution of external scripts is the primary weak point. Although for now the focus is on exfiltration and remote control, the risk of this technique evolving into large-scale ransomware is a latent possibility that should not be underestimated.
To protect themselves, development teams must:
- Limit execution permissions in notebook environments.
- Monitor outgoing network traffic to unauthorized services.
- Keep all libraries and frameworks updated, especially those with exposed web interfaces.
Security in modern development demands constant vigilance. As noted in the alerts from CISA warns: New critical vulnerability in Fortinet and Microsoft, no system is exempt from risks if robust layers of defense are not implemented from the initial design.
Related articles
11 de julio de 2026
Condemna històrica: membre de la banda Ryuk ransomware admet la seva culpabilitat
Un ciutadà armeni es declara culpable als EUA pel desplegament de ransomware Ryuk, afrontant una possible sentència de 15 anys de presó.
11 de julio de 2026
Historic Conviction: Ryuk Ransomware Gang Member Admits Guilt
An Armenian national pleads guilty in the U.S. for deploying Ryuk ransomware and faces a potential 15-year prison sentence.
11 de julio de 2026
Condena histórica: miembro de la banda Ryuk ransomware admite su culpa
Un ciudadano armenio se declara culpable en EE. UU. por el despliegue de ransomware Ryuk, enfrentando una posible sentencia de 15 años de prisión.
10 de julio de 2026
Hackers exploten Microsoft Entra: Nova vulnerabilitat en passkeys
Un grup d'actors maliciosos utilitza enginyeria social per comprometre comptes de Microsoft 365 mitjançant falsos registres de passkeys a Entra.
Loading comments...