A malicious version of the PyTorch Lightning package published on the Python Package Index (PyPI) delivers a credential-stealing payload targeting browsers, environment files, and cloud services. The ...
On April 30, two releases of one of the most popular machine learning libraries on the Python Package Index were caught carrying credential-stealing malware. Versions 2.6.2 and 2.6.3 of the lightning ...