Tag: runtime directory

PyTorch Lightning Targeted in PyPI Supply Chain Credential Heist

Malicious actors have struck PyTorch Lightning with a supply chain attack, publishing two tainted package versions that automatically steal credentials when imported. The attack involves a sneaky _runtime directory with a downloader and obfuscated JavaScript payload.