Researchers demo new CI/CD attack techniques in PyTorch supply-chain
A pair of security researchers managed to infiltrate the development infrastructure for PyTorch by using new techniques that exploit insecure configurations in GitHub Actions workflows. […]