PyTorch has identified a malicious dependency with the same name as the framework’s ‘torchtriton’ library. This has led to a successful compromise via the dependency confusion attack vector. PyTorch admins are...
Threat actors are using the compromised infrastructure of an undisclosed media company to deploy the SocGholish JavaScript malware framework (also known as FakeUpdates) on the websites...
Multiple npm packages published by the crypto exchange, dYdX, and used by at least 44 cryptocurrency projects appear to have been compromised. Powered by the Ethereum blockchain, dydX is a...
Recent Comments