A malicious version of the PyTorch Lightning package, a popular deep learning framework, was recently found on the Python Package Index (PyPI). This tainted version, labeled 2.6.3, carries a hidden payload designed to steal credentials from unsuspecting users.
The security breach was brought to light by the developer on April 30. The compromised package triggers a hidden execution chain upon import, leading to the download and execution of a JavaScript payload. With over 11 million downloads last month, PyTorch Lightning’s tainted version posed a significant threat to its user base.
Upon import, the malicious execution chain discreetly initiates a background process, as highlighted in a security advisory from the package maintainer. This process then proceeds to download a JavaScript runtime (‘Bun v1.3.13’) from GitHub, followed by the execution of a heavily obfuscated 11.4 MB JavaScript payload (‘router_runtime.js’).
Fortunately, Microsoft Threat Intelligence intervened by detecting and thwarting the malicious routine in customer environments. The payload, identified as “ShaiWorm,” is an information-stealing malware targeting sensitive data such as .env files, API keys, secrets, browser information, and cloud service credentials.
Figure: Spawning a background process (Source: GitHub)
Users who imported version 2.6.3 of PyTorch Lightning are urged to rotate all their compromised secrets, keys, and tokens immediately. The package has since been reverted to a safe version (2.6.1) on PyPI.
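One way to check an environment for the affected release without importing the package, which is what triggers the payload. This is an added example, not code from the advisory or from Lightning AI. It assumes the PyPI distribution names `pytorch-lightning` and `lightning` (the article does not say which name was affected) and that the payload keeps the file name `router_runtime.js` on disk.

```python
import re
import sys
from importlib import metadata
from pathlib import Path

# Assumption: the article does not name the PyPI distribution, so both
# published names for the framework are checked.
SUSPECT_NAMES = {"pytorch-lightning", "lightning"}
BAD_VERSION = "2.6.3"               # malicious release named in the article
PAYLOAD_NAME = "router_runtime.js"  # payload file name given in the article
PIN = re.compile(r"^\s*([A-Za-z0-9._-]+)\s*(?:\[[^\]]*\])?\s*==\s*([^\s;#\\]+)")


def _norm(name):
    """PEP 503 name normalisation, so Pytorch_Lightning == pytorch-lightning."""
    return re.sub(r"[-_.]+", "-", name or "").lower()


def find_bad_installs(site_dirs):
    """Read *.dist-info metadata only; the package itself is never imported."""
    hits = []
    for dist in metadata.distributions(path=[str(d) for d in site_dirs]):
        name = dist.metadata.get("Name", "")
        if _norm(name) in SUSPECT_NAMES and dist.version == BAD_VERSION:
            hits.append((name, dist.version))
    return hits


def find_bad_pins(requirements_text):
    """Return 1-based line numbers of requirement lines pinning the bad release."""
    hits = []
    for lineno, line in enumerate(requirements_text.splitlines(), 1):
        m = PIN.match(line)
        if m and _norm(m.group(1)) in SUSPECT_NAMES and m.group(2) == BAD_VERSION:
            hits.append(lineno)
    return hits


def find_payload(root):
    """List files under root carrying the payload's file name."""
    return sorted(str(p) for p in Path(root).rglob(PAYLOAD_NAME) if p.is_file())


if __name__ == "__main__":
    for name, version in find_bad_installs([p for p in sys.path if p]):
        print(f"AFFECTED: {name}=={version} is installed; rotate secrets, keys and tokens")
    for path in sys.argv[1:]:  # optional requirements/lock files to check
        for lineno in find_bad_pins(Path(path).read_text()):
            print(f"PINNED: {path}:{lineno} requires version {BAD_VERSION}")
```

Run it with the interpreter of each environment to be checked, passing any requirements or lock files as arguments. A clean result only shows that 2.6.3 is not installed now; it does not show the release was never imported on that machine.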
The incident has raised concerns about supply-chain security, prompting an investigation into the breach of the build/release pipeline. Lightning AI, the package’s publisher, is conducting audits on recent releases to ensure no similar payloads exist, with a commitment to notify users of any potential risks.
Microsoft’s telemetry indicates that the impact of the malicious activity was limited to a small number of devices and specific environments. Despite this, vigilance is key, and users are advised to remain cautious regarding software imports.
As the investigation continues, users are encouraged to stay informed through various communication channels. The incident serves as a reminder of the importance of cybersecurity measures in software development and distribution.