Malicious torchtriton Hijacks PyTorch: How a Supply‑Chain Attack Stole Linux Data

A PyTorch‑nightly supply‑chain attack introduced a malicious "torchtriton" package on PyPI that exfiltrated IP addresses, hostnames, usernames and SSH keys from Linux systems, prompting an urgent uninstall notice and a swift response from the PyTorch team.

LinuxPyTorchinformation security

0 likes · 5 min read

Malicious torchtriton Hijacks PyTorch: How a Supply‑Chain Attack Stole Linux Data