Sam Stepanyan :verified: 🐘 on Nostr: Another day - another #SoftwareSupplyChain attack. This time #Ultralytics - an AI ...
Another day - another #SoftwareSupplyChain attack. This time #Ultralytics - an AI vision library downloaded 260,000+ times a day from #PyPI was compromised by a malicious code injection which installed cryptocurrency miner. Avoid versions 8.3.41 & 8.3.42:
https://www.bleepingcomputer.com/news/security/ultralytics-ai-model-hijacked-to-infect-thousands-with-cryptominer/
https://www.bleepingcomputer.com/news/security/ultralytics-ai-model-hijacked-to-infect-thousands-with-cryptominer/