all InfoSec news
Machine-Learning Python package compromised in supply chain attack
Security on TechRepublic www.techrepublic.com
A nightly build version of a machine-learning framework dependency has been compromised. The package ran malicious code on affected systems and stole data from unsuspecting users.
The post Machine-Learning Python package compromised in supply chain attack appeared first on TechRepublic.
attack build code compromised data data theft dependency developer framework linux foundation machine machine learning malicious nightly package package compromise pypi python python package pytorch security supply supply chain supply chain attack systems version