Malicious PyTorch dependency 'torchtriton' on PyPI: everything you need to know
The package that was uploaded to the PyPI repository differs from the legitimate version in that it contains a malicious binary called that was installed in the path . ... A package called "torchtriton" was uploaded to the Python Package Index (PyPI) code repository, with the same name as the package shipped on the PyTorch nightly package index. Malware: Torchtriton, Triton [View Article](https://www.wiz.io/blog/malicious-pytorch-dependency-torchtriton-on-pypi-everything-you-need-to-know)