pypi

(2 articles)

May 4, 2026

PyTorch Lightning PyPI Package Drops Credential Stealer

PyTorch Lightning v2.6.3 on PyPI contained a hidden credential stealer targeting browsers, .env files, and cloud APIs. Here's what developers need to know.

April 8, 2026

N. Korean Hackers Drop 1,700 Malicious Packages

North Korean hackers spread 1,700 malicious packages across npm, PyPI, Go, and Rust registries. Here's what developers need to check right now.