writeups.xyz / Playing With Fire – How We Executed A Critical Supply Chain Attack On Pytorch

Submitter : c2a

Date: 11 January 2024

Bounty : 5,500

Vulnerabilities :

• CI/CD
• Supply Chain Attack

Programs :

• PyTorch
• Meta / Facebook

Authors :

• John Stawinski
• Adnan Khan (@Adnanthekhan)

Link :
https://johnstawinski.com/2024/01/11/playing-with-fire-how-we-executed-a-critical-supply-chain-attack-on-pytorch/