Malware4 min read
PyTorch Lightning Compromised on PyPI to Steal Developer Secrets
TeamPCP threat actors backdoored versions 2.6.2 and 2.6.3 of the popular AI framework, harvesting SSH keys, cloud credentials, and GitHub tokens from millions of developers.
James RiveraMay 1, 2026