{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/products/pytorch-lightning-2.6.3/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":["pytorch-lightning (2.6.2)","pytorch-lightning (2.6.3)"],"_cs_severities":["critical"],"_cs_tags":["supply-chain","credential-theft","pypi"],"_cs_type":"advisory","_cs_vendors":["Lightning AI"],"content_html":"\u003cp\u003eOn April 30, 2026, Lightning AI disclosed a security incident affecting the PyTorch Lightning PyPI package. Versions 2.6.2 and 2.6.3 of \u003ccode\u003epytorch-lightning\u003c/code\u003e have been identified as compromised and contain malicious code. The ongoing investigation suggests the injected code is a credential harvester that can expose API keys, access tokens, SSH keys, and service account credentials present in the environment where the package runs. The root cause of the compromise is still under investigation; Lightning AI has quarantined the malicious versions and is working to determine the full scope and impact of the breach. Defenders should immediately rotate credentials and rebuild systems on which these versions were installed.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker obtains the ability to publish releases of the \u003ccode\u003epytorch-lightning\u003c/code\u003e project on PyPI; the exact vector is still under investigation.\u003c/li\u003e\n\u003cli\u003eMalicious code is injected into the \u003ccode\u003e2.6.2\u003c/code\u003e and \u003ccode\u003e2.6.3\u003c/code\u003e releases of the package.\u003c/li\u003e\n\u003cli\u003eDevelopers and CI pipelines unknowingly install the compromised releases with \u003ccode\u003epip\u003c/code\u003e or any other installer whose dependency resolution lands on those versions.\u003c/li\u003e\n\u003cli\u003eUpon execution, the malicious code harvests credentials from the compromised environment.\u003c/li\u003e\n\u003cli\u003eStolen credentials, including API keys, access tokens, SSH keys, and service account credentials, are exfiltrated to an attacker-controlled server.\u003c/li\u003e\n\u003cli\u003eThe attacker uses the stolen credentials to gain unauthorized access to systems and data.\u003c/li\u003e\n\u003cli\u003eThe attacker may escalate privileges within the compromised environment using the acquired credentials.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eThe compromise of PyTorch Lightning versions 2.6.2 and 2.6.3 poses a critical risk to developers and organizations using these packages. Successful credential harvesting can lead to unauthorized access to sensitive data, system compromise, and financial loss. The number of affected users is currently unknown, but given the popularity of PyTorch Lightning the impact could be significant across many sectors. Systems running the affected versions should be considered fully compromised until remediated. This brief does not state whether the payload runs at install time or only when the package is imported, so treat every host on which either version was installed, including CI runners and container images, as affected, not only the hosts that ran training code.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImmediately rotate all credentials and secrets that may have been exposed, including API keys, access tokens, SSH keys, and service account credentials, as stated in the advisory. Perform the rotation from a clean host, not from one that had the package installed.\u003c/li\u003e\n\u003cli\u003eRebuild affected systems from a known clean state to eliminate any residual malicious code, as recommended by the advisory.\u003c/li\u003e\n\u003cli\u003ePin PyTorch Lightning to version \u003ccode\u003e2.6.1\u003c/code\u003e, per the advisory, to prevent further installations of the compromised versions. Check that the pin is exact: \u003ccode\u003epytorch-lightning==2.6.1\u003c/code\u003e excludes the bad releases, whereas \u003ccode\u003e~=2.6.1\u003c/code\u003e or \u003ccode\u003e\u003e=2.6\u003c/code\u003e still admits 2.6.2 and 2.6.3 and will pick them up from any mirror or cache that still serves them. Apply the same pin in lockfiles, constraints files, base container images and any internal package mirror, and verify with \u003ccode\u003epip show pytorch-lightning\u003c/code\u003e that no host still has 2.6.2 or 2.6.3 installed, since pinning does not remove an already installed release.\u003c/li\u003e\n\u003cli\u003eReview authentication and audit logs for use of the potentially exposed credentials (cloud API calls, SSH logins, CI and registry tokens) from unfamiliar sources, starting from the date the affected versions were first installed.\u003c/li\u003e\n\u003cli\u003eMonitor network traffic from build hosts, CI runners and developer workstations that had the package installed for outbound connections to unfamiliar domains or IP addresses, which may indicate credential exfiltration. No exfiltration endpoint is listed in this brief, so there is no single indicator to match against.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-07T00:52:55Z","date_published":"2026-05-07T00:52:55Z","id":"/briefs/2026-05-pytorch-lightning-compromise/","summary":"Compromised PyTorch Lightning PyPI package versions 2.6.2 and 2.6.3 contain credential-harvesting malicious code, requiring immediate credential rotation and system rebuilding.","title":"Compromise of PyTorch Lightning PyPI Package Versions","url":"https://feed.craftedsignal.io/briefs/2026-05-pytorch-lightning-compromise/"}],"language":"en","title":"CraftedSignal Threat Feed — Pytorch-Lightning (2.6.3)","version":"https://jsonfeed.org/version/1.1"}
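The pin recommended in the brief above only helps if every declaration actually excludes 2.6.2 and 2.6.3; a compatible-release pin such as `~=2.6.1` or a range such as `>=2.6,<2.7` still admits them. The script below is an added example, not code from CraftedSignal, Lightning AI, or the PyTorch Lightning project. Using only the standard library, it parses requirements.txt / `pip freeze` style lines, evaluates each version specifier against the two compromised releases, and reports the version visible to the current interpreter. The sample requirements are constructed for the example and come from no real project.

```python
"""Audit dependency declarations for the compromised pytorch-lightning releases.

Added example (not CraftedSignal's or Lightning AI's code), stdlib only.
It parses requirements.txt / pip freeze style lines, evaluates each version
specifier against 2.6.2 and 2.6.3, and reports the locally installed version.
"""
import re
from importlib import metadata
from typing import Iterable, List, Optional

PACKAGE = "pytorch-lightning"
COMPROMISED = ("2.6.2", "2.6.3")      # the two releases named in the brief

# name, optional [extras], then everything up to a comment or environment marker
_REQ = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)\s*(?:\[[^\]]*\])?\s*([^#;]*)")
_CLAUSE = re.compile(r"(===|==|~=|!=|<=|>=|<|>)\s*([0-9][0-9A-Za-z.*]*)")


def normalize(name: str) -> str:
    """PEP 503 normalisation so PyTorch_Lightning matches pytorch-lightning."""
    return re.sub(r"[-_.]+", "-", name).lower()


def _release(v: str) -> tuple:
    """Numeric release segments: '2.6.*' -> (2, 6), '2.6.1rc1' -> (2, 6, 1)."""
    m = re.match(r"\d+(?:\.\d+)*", v)
    return tuple(int(x) for x in m.group(0).split(".")) if m else ()


def satisfies(version: str, op: str, target: str) -> bool:
    """Evaluate one PEP 440 clause on the release segment (pre/post tags ignored)."""
    v, t = _release(version), _release(target)
    if op == "~=":                                    # ~=2.6.1 means >=2.6.1 and ==2.6.*
        return satisfies(version, ">=", target) and v[: len(t) - 1] == t[:-1]
    if target.endswith(".*") and op in ("==", "!="):  # prefix match
        hit = v[: len(t)] == t
        return hit if op == "==" else not hit
    n = max(len(v), len(t))                           # pad so that 2.6 == 2.6.0
    v, t = v + (0,) * (n - len(v)), t + (0,) * (n - len(t))
    return {"==": v == t, "===": v == t, "!=": v != t,
            "<": v < t, "<=": v <= t, ">": v > t, ">=": v >= t}[op]


def allows(spec: str, version: str) -> bool:
    """True if a specifier set such as '>=2.6,<2.7' ('' = unpinned) admits version."""
    for clause in filter(None, (c.strip() for c in spec.split(","))):
        m = _CLAUSE.fullmatch(clause)
        if not m:
            raise ValueError(f"unsupported specifier clause: {clause!r}")
        if not satisfies(version, *m.groups()):
            return False
    return True


def audit(lines: Iterable[str]) -> List[dict]:
    """Report every line declaring pytorch-lightning and which bad releases it admits."""
    findings = []
    for raw in lines:
        m = _REQ.match(raw)
        if not m or normalize(m.group(1)) != PACKAGE:
            continue                                  # blank, comment, option, other package
        spec = m.group(2).strip()
        if spec.startswith("@"):                      # direct URL/path reference: inspect by hand
            findings.append({"line": raw.strip(), "specifier": spec, "allows": None})
            continue
        bad = [v for v in COMPROMISED if allows(spec, v)]
        findings.append({"line": raw.strip(), "specifier": spec, "allows": bad})
    return findings


def installed_version() -> Optional[str]:
    """Version of pytorch-lightning visible to this interpreter, or None if absent."""
    try:
        return metadata.version(PACKAGE)
    except metadata.PackageNotFoundError:
        return None


# Constructed sample requirements for the example; not taken from any real project.
SAMPLE_REQUIREMENTS = """\
torch>=2.2
pytorch-lightning==2.6.3                  # exact pin on a compromised release
PyTorch_Lightning~=2.6.1                  # compatible-release pin: still admits 2.6.3
pytorch-lightning>=2.6,<2.7 ; python_version >= "3.9"
pytorch-lightning                         # unpinned
pytorch-lightning==2.6.1                  # the pin the advisory recommends
pytorch-lightning!=2.6.2,!=2.6.3,<2.7     # exclusion list, also safe
pytorch-lightning @ file:///vendor/pytorch_lightning-2.6.1-py3-none-any.whl
lightning-utilities==0.11.8
"""


if __name__ == "__main__":
    for f in audit(SAMPLE_REQUIREMENTS.splitlines()):
        state = "REVIEW" if f["allows"] is None else ("UNSAFE" if f["allows"] else "ok")
        print(f"{state:6} {f['line']}")
    print("installed:", installed_version() or "not installed")
```

Run it against `pip freeze` output from each build host and CI image as well as against checked-in requirements files: an exact `==2.6.1` pin in the repository says nothing about what is already installed on a runner that resolved the package before the pin landed. Direct `@` references are reported for manual inspection because the version in a wheel filename is not authoritative.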