
Ethical Hacking News

Marimo Flaw Leaked: Hackers Exploit Hugging Face Spaces for NKAbuse Malware Deployment


Hackers have exploited a critical vulnerability in Marimo, a reactive Python notebook platform, to deploy a new variant of NKAbuse malware from Hugging Face Spaces. The attack highlights the ongoing cat-and-mouse game between threat actors and security professionals, emphasizing the need for users to upgrade to the latest version of Marimo and take steps to mitigate the risk of exploitation.

  • Hackers exploited a critical vulnerability (CVE-2026-39987) in Marimo, a reactive Python notebook platform, to deploy NKAbuse malware.
  • The attackers used the vulnerability for remote code execution, allowing them to execute arbitrary commands without user interaction or authentication.
  • The malware is a variant of NKAbuse, a previously documented DDoS-focused malware that abuses NKN decentralized peer-to-peer network technology.
  • The attackers used Hugging Face Spaces, a legitimate HTTPS endpoint with a clean reputation, to host the malicious payload, making detection more difficult.
  • Other notable attacks exploiting CVE-2026-39987 have emerged, including attempts at reverse-shell techniques and scanning of Redis databases.



    Hackers have recently exploited a critical vulnerability in Marimo, a reactive Python notebook platform, to deploy a new variant of NKAbuse malware from Hugging Face Spaces. The attack was discovered by cloud-security company Sysdig and marks the latest development in the ongoing cat-and-mouse game between threat actors and security professionals.

    According to Sysdig researchers, the attackers took advantage of the remote code execution flaw (CVE-2026-39987) identified in Marimo, which was publicly disclosed just days before the attacks started. The vulnerability allowed the attackers to execute arbitrary commands on the affected system without requiring any user interaction or authentication.

    The malware deployed by the attackers is a variant of NKAbuse, a previously documented DDoS-focused malware that has been known to abuse NKN (New Kind of Network) decentralized peer-to-peer network technology for data exchange. The new variant functions as a remote access trojan, capable of executing shell commands on infected systems and sending the output back to the operator.

    Sysdig researchers noted that the attackers used Hugging Face Spaces, a legitimate HTTPS endpoint with a clean reputation, to host the malicious payload. This makes the download less likely to be flagged, because the platform's HTTPS certificate and domain are trusted by most browsers and security tooling, so the payload fetch blends in with ordinary traffic to a reputable service.

    One of the notable aspects of this attack is the level of sophistication displayed by the attackers. They created a Space named vsccode-modetx (an intentional typosquat for VS Code) that hosts a dropper script (install-linux.sh) and a malware binary with the name kagent, which attempts to mimic a legitimate Kubernetes AI agent tool.

    After exploiting the Marimo RCE vulnerability, the attackers ran a curl command to download the script from Hugging Face Spaces and execute it. The dropper script downloads the kagent binary, installs it locally, and sets up persistence via systemd, cron, or macOS LaunchAgent.

    The payload is a previously undocumented variant of NKAbuse, which has been found to be particularly resilient due to its use of WebRTC/ICE/STUN for NAT traversal, proxy management, and structured command handling. This allows the malware to adapt to different network environments and evade detection.

    Sysdig researchers observed that other notable attacks exploiting CVE-2026-39987 have also emerged, including a Germany-based operator who attempted 15 reverse-shell techniques across multiple ports. Another actor from Hong Kong used stolen .env credentials to target a Redis server, systematically scanning all 16 databases and dumping stored data, including session tokens and application cache entries.

    The increasing volume of attacks exploiting CVE-2026-39987 highlights the critical nature of this vulnerability and the need for users to upgrade to version 0.23.0 or later immediately. Additionally, blocking external access to the '/terminal/ws' endpoint at the firewall, or disabling that endpoint entirely, helps reduce the risk of exploitation.
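    The mitigation steps above, together with the persistence mechanisms described earlier, translate into a simple host-side check. The Python script below is an added example, not Sysdig's tooling or part of Marimo: it compares an installed Marimo version against the 0.23.0 fix, scans access-log lines for clients outside the local network reaching /terminal/ws, and flags cron/systemd/LaunchAgent entries that reference the kagent, install-linux.sh or vsccode-modetx names. The combined-style log layout, the definition of "internal" address ranges and the kagent install path are assumptions, and the sample data is constructed.

```python
# Added defender-side checks for the Marimo CVE-2026-39987 exposure (not Sysdig's or
# Marimo's code). Log layout, internal ranges and persistence paths are assumptions.
import ipaddress
import re

PATCHED = (0, 23, 0)  # first fixed Marimo release named in the article

def marimo_is_patched(version: str) -> bool:
    """True when a version string such as '0.22.9' or '0.23.1rc1' is >= 0.23.0."""
    nums = [int(p) for p in re.findall(r"\d+", version)[:3]]
    nums += [0] * (3 - len(nums))  # pad '1.0' to (1, 0, 0)
    return tuple(nums) >= PATCHED

# Only loopback and RFC1918 ranges count as internal; everything else is external.
# (ipaddress.is_private also treats TEST-NET blocks as private, so it is not used.)
INTERNAL = [ipaddress.ip_network(n) for n in
            ("127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "::1/128")]
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+) [^"]*"')

def external_terminal_ws_hits(log_lines):
    """Return source IPs that reached /terminal/ws from outside INTERNAL."""
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m or not m.group("path").startswith("/terminal/ws"):
            continue
        ip = ipaddress.ip_address(m.group("ip"))
        if not any(ip in net for net in INTERNAL):
            hits.append(str(ip))
    return hits

def suspicious_persistence(entries):
    """Flag crontab/systemd/LaunchAgent lines that reference names seen in this campaign."""
    markers = ("kagent", "install-linux.sh", "vsccode-modetx")
    return [e for e in entries if any(mk in e for mk in markers)]

# Constructed sample data; 203.0.113.7 (TEST-NET) stands in for an internet client.
SAMPLE_LOG = [
    '127.0.0.1 - - [16/Apr/2026:12:00:01 +0000] "GET /terminal/ws HTTP/1.1" 101 0',
    '203.0.113.7 - - [16/Apr/2026:12:00:05 +0000] "GET /terminal/ws HTTP/1.1" 101 0',
    '203.0.113.7 - - [16/Apr/2026:12:00:06 +0000] "GET / HTTP/1.1" 200 512',
]
SAMPLE_PERSIST = [
    "* * * * * /usr/local/bin/kagent --daemon",  # assumed install path (constructed)
    "0 3 * * * /usr/bin/certbot renew",
]

if __name__ == "__main__":
    print("marimo 0.22.9 patched:", marimo_is_patched("0.22.9"))
    print("external /terminal/ws clients:", external_terminal_ws_hits(SAMPLE_LOG))
    print("suspicious persistence:", suspicious_persistence(SAMPLE_PERSIST))
```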

    In light of these findings, security professionals must remain vigilant in monitoring the landscape for emerging threats and adapting their defenses accordingly.



    Related Information:
  • https://www.ethicalhackingnews.com/articles/Marimo-Flaw-Leaked-Hackers-Exploit-Hugging-Face-Spaces-for-NKAbuse-Malware-Deployment-ehn.shtml

  • https://www.bleepingcomputer.com/news/security/hackers-exploit-marimo-flaw-to-deploy-nkabuse-malware-from-hugging-face/

  • https://www.bleepingcomputer.com/news/security/critical-marimo-pre-auth-rce-flaw-now-under-active-exploitation/

  • https://thehackernews.com/2026/04/marimo-rce-flaw-cve-2026-39987.html

  • https://nvd.nist.gov/vuln/detail/CVE-2026-39987

  • https://www.cvedetails.com/cve/CVE-2026-39987/


  • Published: Thu Apr 16 12:44:09 2026 by llama3.2 3B Q4_K_M
    © Ethical Hacking News. All rights reserved.