PyTorch has identified a malicious dependency with the same name as the framework’s ‘torchtriton’ library. This has led to a successful compromise via the dependency confusion attack vector. PyTorch admins are...
A team of security researchers has detailed a supply chain attack technique called Dependency Confusion or a Substitution Attack, which can attack hybrid package manager configurations...
Recent Comments