The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...
Morning Overview on MSN

PyTorch Lightning versions 2.6.2 and 2.6.3 were compromised on April 30 — check your installs

On April 30, 2026, someone slipped credential-stealing malware into two freshly published versions of PyTorch Lightning, one ...
Morning Overview on MSN

Hackers poisoned the PyTorch Lightning AI package and it started stealing credentials the moment you imported it

A single line of Python code was all it took. Developers who ran import lightning after installing versions 2.6.2 or 2.6.3 of ...
Bleeping Computer

PyTorch discloses malicious dependency chain compromise over holidays

PyTorch has identified a malicious dependency with the same name as the framework's 'torchtriton' library. This has led to a successful compromise via the dependency confusion attack vector. PyTorch ...
InfoWorld

What is PyTorch? Python machine learning on GPUs

PyTorch 1.10 is production ready, with a rich ecosystem of tools and libraries for deep learning, computer vision, natural language processing, and more. Here's how to get started with PyTorch.
TechRepublic

Machine-Learning Python package compromised in supply chain attack

A nightly build version of a machine-learning framework dependency has been compromised. The package ran malicious code on affected systems and stole data from unsuspecting users. Dec. 31, 2022, the ...
ZDNet

Microsoft: We're taking over Windows 10 PyTorch AI library from Facebook

Microsoft is now officially the maintainer of the Windows version of PyTorch, a popular open-source machine-learning library created by Facebook. Microsoft's decision to take a bigger role in the ...