Malicious PyTorch Lightning Package Exploits Supply Chain to Steal Credentials

A malicious version of the popular PyTorch Lightning package, downloaded over 11 million times, was found to contain a stealthy backdoor that steals credentials by silently executing a heavily obfuscated JavaScript payload. The compromised package, version 2.6.3, triggers the malicious routine automatically when…

https://osintsights.com/malicious-pytorch-lightning-package-exploits-supply-chain-to-steal-credentials?utm_source=mastodon&utm_medium=social

#PytorchLightning #SupplyChain #CredentialTheft #Backdoor #PackageExploitation

OSINTSights