I poisoned a Hugging Face dataset and it stayed up for 6 months

A researcher deliberately poisoned a dataset hosted on Hugging Face with malicious code, and the contaminated dataset remained publicly accessible for six months without detection, highlighting security vulnerabilities in AI dataset sharing platforms.