Public

#security #packaging #github #supplychain #hacking
How We Executed A Critical Supply Chain Attack On Pytorch
How We Executed A Critical Supply Chain Attack On Pytorch

"Four months ago, Adnan Khan and I exploited a critical CI/CD vulnerability in PyTorch, one of the world’s leading ML platforms. Used by titans like Google, Meta, Boeing, and Lockheed Martin, PyTorch is a major target for hackers and nation-states alike.

Thankfully, we exploited this vulnerability before the bad guys.

Here is how we did it."

·johnstawinski.com·
How We Executed A Critical Supply Chain Attack On Pytorch