all InfoSec news
PyTorch compromised to demonstrate dependency confusion attack on Python environments
Security Affairs securityaffairs.co
Threat actors compromised the PyTorch Machine Learning Framework by adding a malicious dependency. The maintainers of the PyTorch package warn of a supply chain attack. Users who have installed PyTorch-nightly on Linux via pip between December 25, 2022 and December 30, 2022, to uninstall it and use the latest binaries. “If you installed PyTorch-nightly on […]
The post PyTorch compromised to demonstrate dependency confusion attack on Python environments appeared first on Security Affairs.
attack breaking news compromised december dependency dependency confusion environments framework hacking hacking news information security news it information security latest linux machine machine learning maintainers malicious malware nightly package pierluigi paganini pip python pytorch security supply supply chain supply chain attack threat threat actors