> TritonInfoSec News
Home / May 05, 2026 / Story
0
#8 BleepingComputer general May 04, 2026 at 17:15 UTC

Backdoored PyTorch Lightning package drops credential stealer

By Bill Toulas

AI Summary

A malicious version of the PyTorch Lightning package on the Python Package Index (PyPI) delivers credential-stealing malware targeting browsers, environment files, and cloud services. This supply chain attack demonstrates the ongoing threat to open-source package repositories used by machine learning developers.

Read full article → https://www.bleepingcomputer.com/news/security/bac…

Relevance score: 78.0/100

# More from May 05

  1. 1
    CISA says ‘Copy Fail’ flaw now exploited to root Linux systems BleepingComputer
  2. 2
    Over 40,000 Servers Compromised in Ongoing cPanel Exploitation SecurityWeek
  3. 3
    Exploit Cyber-Frenzy Threatens Millions via Critical cPanel Vulnerability Dark Reading
  4. 4
    Progress warns of critical MOVEit Automation auth bypass flaw BleepingComputer
  5. 5
    Trellix discloses data breach after source code repository hack BleepingComputer
  6. 6
    Instructure confirms data breach, ShinyHunters claims attack BleepingComputer
  7. 7
    Phishing Campaign Hits 80+ Orgs Using SimpleHelp and ScreenConnect RMM Tools The Hacker News
  8. 9
    DigiCert Revokes Certificates After Support Portal Hack SecurityWeek
  9. 10
    Silver Fox Deploys ABCDoor Malware via Tax-Themed Phishing in India and Russia The Hacker News