Skip to content
The Nexus
SECURITYMay 4 · 17:15 UTCBLEEPING COMPUTERBill Toulas

Backdoored PyTorch Lightning package drops credential stealer

A malicious version of the PyTorch Lightning package was published on the Python Package Index, delivering a credential-stealing payload targeting browsers and cloud services. The package is designed to steal sensitive information from users. This incident highlights the importance of verifying software packages before installation.

Nexus surfaces and summarizes. The full story lives at the source.

Mentioned
Spot something wrong with this article?Report a problem →
Forward this