Security News Backdoored PyTorch Lightning package drops credential stealer BleepingComputer Daniel Bender 04 May 2026 A malicious version of the PyTorch Lightning package published on the Python Package Index (PyPI) delivers a credential-stealing payload targeting browsers, environment files, and cloud services.
