Mastodawn

#Opensource package with 1 million monthly downloads stole user credentials

… #compromised after a threat actor #exploited a #vulnerability in the developers’ account workflow that gave access to its signing keys and other sensitive information

On Friday, unknown attackers exploited the vulnerability to push a new version of #elementData, a command-line interface that helps users monitor performance and anomalies in machine-learning systems.
#security #privacy #ml

https://arstechnica.com/security/2026/04/open-source-package-with-1-million-monthly-downloads-stole-user-credentials/

Open source package with 1 million monthly downloads stole user credentials

If you're one of millions using element-data, it's time to check for compromise.

Ars Technica

Dr. Roy Schestowitz (罗伊)Nov 27, 2017

These patents are #softwarepatents and thus worthless after #alice at #scotus https://gnusocial.de/url/4580467 #swpats #ElementData

Element Data Acquires Auguri Corporation Technology And Patents For Cloud Based Decision Support Platform

SEATTLE, Nov. 27, 2017 /PRNewswire/ -- Element Data, Inc., a decision support software platform that harnesses artificial intelligence and machine learning ...