PyTorch discloses malicious dependency chain compromise over holidays
PyTorch has acknowledged a malicious dependency with the identical establish because the framework’s ‘torchtriton’ library. This has led to a a hit compromise by capacity of the dependency confusion attack vector. PyTorch admins are warning customers who installed PyTorch-nightly over the holidays to uninstall the framework and the counterfeit ‘torchtriton’ dependency. From computer vision to pure language processing, the open provide machine…