Popular lightning PyPI Package Backdoored in Latest Shai-Hulud Wave
✦ NabkaNews BriefAuto-summarized from multiple outlets · verify with the source
A popular python package has been compromised in a recent wave of attacks, with reports indicating that a backdoor has been inserted into the package. The compromised package is said to be used for stealing credentials, with some outlets specifying that it is related to PyTorch Lightning. However, there is some uncertainty about the specific packages affected, with different outlets mentioning different packages, including Intercom-client and Telnyx.