torchtriton


PyTorch Poisoned in Software Supply Chain Attack - The New Stack

#artificialintelligence

If you downloaded PyTorch-nightly on Linux via pip between Dec. 25, 2022, and Dec. 30, 2022, you've got trouble. Someone, we still don't know who, uploaded a poisoned Python Package Index (PyPI) dependency that hid under the real dependency name, torchtriton. The good news is that this supply chain attack only hit the nightly builds. If you weren't using these, you'd be safe. You might wonder how this could happen since the malicious code wasn't copied over the good version.


PyTorch Machine Learning Framework Compromised with Malicious Dependency

#artificialintelligence

The maintainers of the PyTorch package have warned users who have installed the nightly builds of the library between December 25, 2022, and December 30, 2022, to uninstall and download the latest versions following a dependency confusion attack. "PyTorch-nightly Linux packages installed via pip during that time installed a dependency, torchtriton, which was compromised on the Python Package Index (PyPI) code repository and ran a malicious binary," the PyTorch team said in an alert over the weekend. PyTorch, analogous to Keras and TensorFlow, is an open source Python-based machine learning framework that was originally developed by Meta Platforms. The PyTorch team said that it became aware of the malicious dependency on December 30, 4:40 p.m. GMT. The supply chain attack entailed uploading the malware-laced copy of a legitimate dependency named torchtriton to the Python Package Index (PyPI) code repository.
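The two excerpts above describe the mechanism without showing it. The following Python model is an added example written for this page; it is not code from the articles or from the PyTorch project. It mimics how pip resolves a name when a project is installed with `--index-url` plus `--extra-index-url`: candidates from every index are pooled and the highest version wins, so a same-named package on the public index with a higher version displaces the one the project intended. Beside it sits the hardened form, pinning an exact version and artifact hash in the spirit of pip's `--require-hashes`. The index URLs are real, but the version numbers, artifact bytes and `Candidate` type are constructed for illustration, and the resolver ignores PEP 440 details that real pip handles.

```python
"""Dependency-confusion resolution, as an added example (not pip's code)."""
import hashlib
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Candidate:
    """One installable distribution as an index advertises it.
    `artifact` stands in for the downloaded wheel/sdist bytes (constructed)."""
    name: str
    version: str
    index: str
    artifact: bytes


def parse_version(version: str) -> tuple:
    # Simple dotted-integer parse; enough for the constructed sample data.
    return tuple(int(part) for part in version.split("."))


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def pick_highest(candidates, name: str) -> Candidate:
    """Vulnerable resolution. With --index-url X --extra-index-url Y, pip pools
    the candidates for `name` from both indexes and takes the highest version;
    the index the project meant gets no preference. An attacker who registers
    the same name on the public index with a higher version therefore wins."""
    pool = [c for c in candidates if c.name == name]
    if not pool:
        raise LookupError(f"no candidates for {name}")
    return max(pool, key=lambda c: parse_version(c.version))


def pick_pinned(candidates, name: str, version: str,
                expected_sha256: str) -> Optional[Candidate]:
    """Hardened resolution, analogous to pip's --require-hashes mode: only an
    exact version whose artifact hashes to the pinned digest is accepted.
    Returns None when nothing matches; an installer aborts at that point."""
    for c in candidates:
        if (c.name == name and c.version == version
                and sha256_hex(c.artifact) == expected_sha256):
            return c
    return None


def came_from(candidate: Candidate, index: str) -> bool:
    return candidate.index == index


# Constructed sample data (versions and artifact bytes are illustrative only).
PRIVATE_INDEX = "https://download.pytorch.org/whl/nightly"
PUBLIC_INDEX = "https://pypi.org/simple"

LEGIT = Candidate("torchtriton", "2.0.0", PRIVATE_INDEX, b"constructed legit artifact")
ROGUE_HIGHER = Candidate("torchtriton", "3.0.0", PUBLIC_INDEX, b"constructed rogue artifact")
ROGUE_SAME_VERSION = Candidate("torchtriton", "2.0.0", PUBLIC_INDEX, b"constructed rogue artifact")

LEGIT_SHA256 = sha256_hex(LEGIT.artifact)


def demo_confusion() -> Candidate:
    """Higher version on the public index beats the intended private package."""
    return pick_highest([LEGIT, ROGUE_HIGHER], "torchtriton")


def demo_pinned_accepts_legit() -> Optional[Candidate]:
    """Pinned version plus hash still selects the genuine artifact."""
    return pick_pinned([LEGIT, ROGUE_HIGHER], "torchtriton", "2.0.0", LEGIT_SHA256)


def demo_pinned_rejects_same_version_rogue() -> Optional[Candidate]:
    """A rogue package that copies the pinned version still fails the hash check."""
    return pick_pinned([ROGUE_SAME_VERSION], "torchtriton", "2.0.0", LEGIT_SHA256)


if __name__ == "__main__":
    chosen = demo_confusion()
    print(f"unpinned resolution picked {chosen.version} from {chosen.index}")
    print("pinned resolution picked legit:", demo_pinned_accepts_legit() is LEGIT)
    print("pinned resolution rejected same-version rogue:",
          demo_pinned_rejects_same_version_rogue() is None)
```

The practical lesson for a build pipeline is the second half of the model: a name plus a version is not an identity, a hash is. Pinning with `pip install --require-hashes -r requirements.txt`, or serving every needed package from a single `--index-url` so nothing falls through to PyPI, removes the race that a higher version number on the public index otherwise wins.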