PyTorch Discloses Malicious Dependency Chain Compromise Over Holidays
PyTorch has identified a malicious dependency with the same name as the framework’s ‘torchtriton’ library. This has led to a successful compromise via the dependency confusion attack vector.