PyTorch Poisoned in Software Supply Chain Attack - The New Stack
If you downloaded PyTorch-nightly on Linux via pip between Dec. 25, 2022, and Dec. 30, 2022, you've got trouble. Someone, we still don't know who, uploaded a poisoned Python Package Index (PyPI) dependency that hid under the real dependency name, torchtriton. The good news is that this supply chain attack only hit the nightly builds. If you weren't using these, you're safe. You might wonder how this could happen, since the malicious code wasn't copied over the good version.
Jan-20-2023, 07:20:53 GMT