PyTorch Lightning Compromised in PyPI Supply Chain Attack

Threat actors have compromised the popular Python package Lightning, pushing two malicious versions, 2.6.2 and 2.6.3, to the PyPI repository on April 30, 2026. This marks another significant software supply chain attack aimed at credential theft. The Hacker News reports that Aikido Security, Socket, and StepSecurity identified these versions as malicious.

This campaign extends previous supply chain attacks, indicating a persistent and evolving threat landscape targeting development infrastructure. Attackers are clearly shifting focus upstream, aiming to infect widely used libraries to achieve broad impact with minimal effort. Compromising a package like Lightning, critical for machine learning and AI development, grants attackers access to a high-value target pool.

Defenders must recognize that the integrity of open-source repositories like PyPI is under constant assault. Relying solely on package managers for security is a critical misstep. Organizations need robust internal controls, including package integrity verification and strict dependency management, to mitigate the risk posed by compromised upstream components.

What This Means For You

  • If your development teams use PyTorch Lightning, immediately check all environments for versions 2.6.2 and 2.6.3. If found, these must be quarantined and removed, and all credentials used in those environments rotated immediately. Assume compromise and follow incident response procedures for credential theft.
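The check described above can be scripted. The following is an added example, not code from the article or from the Lightning project: it scans installed package metadata and requirements-style pin files for the two versions named above. The distribution names `lightning` and `pytorch-lightning` are an assumption, since the article does not state the exact PyPI name.

```python
import re
import sys
from email.parser import Parser
from pathlib import Path

BAD_VERSIONS = {"2.6.2", "2.6.3"}  # versions the article names as malicious
# Assumption: the article does not give the exact PyPI distribution name,
# so both "lightning" and "pytorch-lightning" are checked.
WATCHED = {"lightning", "pytorch-lightning"}
# Exact pins only (== or ===), with optional extras, e.g. lightning[extra]==2.6.2
PIN = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)\s*(?:\[[^\]]*\])?\s*===?\s*([0-9][^\s;#\\,]*)")

def norm(name):
    """PEP 503 name normalisation, so pytorch_lightning == pytorch-lightning."""
    return re.sub(r"[-_.]+", "-", name).lower()

def scan_site_packages(root):
    """Return (dist-info path, name, version) for installed bad versions under root."""
    hits = []
    for meta in Path(root).rglob("METADATA"):
        if not meta.parent.name.endswith(".dist-info"):
            continue
        text = meta.read_text(encoding="utf-8", errors="replace")
        msg = Parser().parsestr(text, headersonly=True)
        name = norm(msg.get("Name") or "")
        version = (msg.get("Version") or "").strip()
        if name in WATCHED and version in BAD_VERSIONS:
            hits.append((str(meta.parent), name, version))
    return hits

def scan_pins(text):
    """Return (line number, name, version) for bad exact pins in requirements-style text.
    Range specifiers such as >=2.6 are not flagged; the installed-package scan covers those."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), 1):
        m = PIN.match(line)
        if m and norm(m.group(1)) in WATCHED and m.group(2) in BAD_VERSIONS:
            hits.append((lineno, norm(m.group(1)), m.group(2)))
    return hits

if __name__ == "__main__":
    # Arguments: venv/site-packages directories and requirements-style pin files.
    args = sys.argv[1:] or [s for s in sys.path if Path(s).is_dir()]
    found = []
    for p in map(Path, args):
        if p.is_dir():
            found += scan_site_packages(p)
        elif p.is_file():
            pins = scan_pins(p.read_text(encoding="utf-8", errors="replace"))
            found += [(f"{p}:{n}", name, v) for n, name, v in pins]
    for where, name, version in sorted(set(found)):
        print(f"FOUND {name}=={version} at {where}")
    sys.exit(1 if found else 0)
```

The non-zero exit status on a match lets the script gate a CI job or feed a fleet-wide sweep; a clean result does not rule out that an affected version was installed earlier and later upgraded, so build logs and package caches still need review.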

Related ATT&CK Techniques

๐Ÿ›ก๏ธ Detection Rules

critical T1190 Initial Access

Suspicious PyPI Package Installation - PyTorch Lightning Compromise

Indicators of Compromise

ID | Type | Indicator
PyTorch-Lightning-Supply-Chain-Attack-2026 | Supply Chain Attack | PyTorch Lightning package
PyTorch-Lightning-Supply-Chain-Attack-2026 | Credential Theft | Malicious PyTorch Lightning version 2.6.2
PyTorch-Lightning-Supply-Chain-Attack-2026 | Credential Theft | Malicious PyTorch Lightning version 2.6.3