PyTorch dependency poisoned with malicious code

System data was exfiltrated during attack, but an anonymous person says it was a research project gone wrong

An unknown attacker used the PyPI code repository to get developers to download a compromised PyTorch dependency that included malicious code designed to steal system data....