{"id":7947,"date":"2026-04-30T17:11:46","date_gmt":"2026-04-30T17:11:46","guid":{"rendered":"https:\/\/news.cybertechworld.co.in\/index.php\/2026\/04\/30\/pytorch-lightning-compromised-in-pypi-supply-chain-attack-to-steal-credentials\/"},"modified":"2026-04-30T17:11:46","modified_gmt":"2026-04-30T17:11:46","slug":"pytorch-lightning-compromised-in-pypi-supply-chain-attack-to-steal-credentials","status":"publish","type":"post","link":"https:\/\/news.cybertechworld.co.in\/index.php\/2026\/04\/30\/pytorch-lightning-compromised-in-pypi-supply-chain-attack-to-steal-credentials\/","title":{"rendered":"PyTorch Lightning Compromised in PyPI Supply Chain Attack to Steal Credentials"},"content":{"rendered":"<p>\u200bIn yet another software supply chain attack, threat actors have managed to compromise the popular Python package Lightning to push two malicious versions to conduct credential theft.<br \/>\nAccording to Aikido Security, Socket, and StepSecurity, the two malicious versions are versions 2.6.2 and 2.6.3, both of which were published on April 30, 2026. The campaign is assessed to be an extension of the\u00a0In yet another software supply chain attack, threat actors have managed to compromise the popular Python package Lightning to push two malicious versions to conduct credential theft.<br \/>\nAccording to Aikido Security, Socket, and StepSecurity, the two malicious versions are versions 2.6.2 and 2.6.3, both of which were published on April 30, 2026. The campaign is assessed to be an extension of the\u00a0\u00a0The Hacker News<\/p>","protected":false},"excerpt":{"rendered":"<p>\u200bIn yet another software supply chain attack, threat actors have managed to compromise the popular Python package Lightning to push two malicious versions to conduct credential theft. According to Aikido Security, Socket, and StepSecurity, the two malicious versions are versions 2.6.2 and 2.6.3, both of which were published on April 30, 2026. The campaign is&hellip;&nbsp;<a href=\"https:\/\/news.cybertechworld.co.in\/index.php\/2026\/04\/30\/pytorch-lightning-compromised-in-pypi-supply-chain-attack-to-steal-credentials\/\" class=\"\" rel=\"bookmark\">Read More &raquo;<span class=\"screen-reader-text\">PyTorch Lightning Compromised in PyPI Supply Chain Attack to Steal Credentials<\/span><\/a><\/p>\n","protected":false},"author":0,"featured_media":7948,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"neve_meta_sidebar":"","neve_meta_container":"","neve_meta_enable_content_width":"","neve_meta_content_width":0,"neve_meta_title_alignment":"","neve_meta_author_avatar":"","neve_post_elements_order":"","neve_meta_disable_header":"","neve_meta_disable_footer":"","neve_meta_disable_title":"","_themeisle_gutenberg_block_has_review":false,"footnotes":""},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts\/7947"}],"collection":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/comments?post=7947"}],"version-history":[{"count":0,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts\/7947\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/media\/7948"}],"wp:attachment":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/media?parent=7947"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/categories?post=7947"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/tags?post=7947"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}