National Cyber Warfare Foundation (NCWF)

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials
0 user ratings		2026-04-30 19:10:11
milo
Blue Team (CND)
In yet another software supply chain attack, threat actors have managed to compromise the popular Python package Lightning to push two malicious versions to conduct credential theft.
According to Aikido Security, OX Security, Socket, and StepSecurity, the two malicious versions are versions 2.6.2 and 2.6.3, both of which were published on April 30, 2026. The campaign is assessed to be an



Source: TheHackerNews
Source Link: https://thehackernews.com/2026/04/pytorch-lightning-compromised-in-pypi.html

Comments
new comment
Nobody has commented yet. Will you be the first?
  
Forum
Blue Team (CND)


Copyright 2012 through 2026 - National Cyber Warfare Foundation - All rights reserved worldwide.