Tower of the Day: PyTorch Lightning ⚡the lightweight PyTorch wrapper that lets you scale models, train on any hardware, and eliminate boilerplate while keeping full flexibility! Check out the dependency tower for Lightning! 📷 api.stacktower.io/v1/share/6… Big thanks to @LightningAI @williamfalcon @lantiga and the whole Lightning team for building such a clean, powerful framework! #PyTorch #PyTorchLightning #DeepLearning #MachineLearning #AI #MLOps #LightningAI

🇺🇸 Alleged Internal Data Exposure Involving Lightning AI A threat actor has posted on an underground forum claiming to have obtained internal assets belonging to Lightning AI, the company behind PyTorch Lightning, and is offering what appears to be source code and internal project data. According to the post, the exposed data may include: • Internal source code repositories • Private AI/ML project directories • Customer issue tracking resources • Internal CI/CD tooling and automation assets • Slack-related data dumps • Cloud infrastructure/benchmarking components • Deployment templates and plugin repositories • Enterprise/internal product components • MLOps design resources • Sandbox and container-related assets The sample shared by the actor appears to show a directory listing referencing multiple internal projects, including private repositories, enterprise tooling, benchmarking assets, deployment templates, and internal automation components. The post claims approximately 1,360 directories and 10,239 files. The dataset appears to be focused on internal development and operational assets rather than a direct customer PII leak, suggesting a potential source code or infrastructure exposure scenario. If authentic, potential risks may include: • Exposure of proprietary intellectual property and source code • Discovery of embedded secrets, credentials, or internal tokens • Supply chain risk if build/deployment pipelines are affected • Increased likelihood of targeted attacks against infrastructure • Abuse of internal tooling or automation workflows • Reputational and operational impact for the organization Notably, the threat actor references the previously disclosed PyTorch Lightning supply chain incident involving compromised PyPI credentials, but this forum claim does not independently confirm linkage between that event and the alleged internal data exposure. The authenticity, scope, origin, and recency of the claimed dataset have not been independently verified. Underground forum claims may be exaggerated, fabricated, recycled, or based on previously exposed material. #DataBreach #ThreatIntel #CyberSecurity #SupplyChainSecurity #SourceCodeLeak #LightningAI #PyTorchLightning #MLOps #CloudSecurity #ThreatMonitoring

PyTorch Lightning にサプライチェーン攻撃：GitHub アカウント侵害の可能性 iototsecnews.jp/2026/04/30/p… 広く利用されている PyPI パッケージの lightning が、悪意の第三者により侵害されました。攻撃者はパッケージの管理権限を奪取し、ライブラリを import するだけで自動的にマルウェアが動くように細工しました。具体的には、内部に隠された JavaScript ペイロードが実行され、GitHub やクラウドサービスの認証情報を盗み取る仕組みになっています。メンテナのアカウント自体が乗っ取られた可能性も指摘されており、正規のアップデートを通じて悪意のコードが配布されるという、きわめて深刻な状況に陥っています。ご利用のチームは、ご注意ください。 #CyberAttack #Python #PyTorchLightning #SupplyChainAttack

Édition spéciale Star Wars Day. Votre flash info cyber est livré aujourd'hui par les forces de la Cyber Threat Intelligence Impériale. Le côté obscur n'altère pas les faits, il les éclaire. 🎙️ radiocsirt.org/podcast/ep-64… Le CERT-FR signale plusieurs vulnérabilités dans la plateforme MISP dans toutes les versions antérieures à 2.5.37 : contournement de la politique de sécurité, injection SQL et élévation de privilèges. Le CERT-FR consolide plus de 80 vulnérabilités découvertes dans les produits Microsoft entre le 22 avril et le 02 mai 2026, concentrées sur le composant azl3 kernel d'Azure Linux dans toutes les versions antérieures à 6.6.137.1-1. Plus de soixante CVE émises sur la seule journée du 26 avril. Microsoft Edge fait l'objet de 27 vulnérabilités identifiées sur la seule journée du 1er mai, affectant l'ensemble des versions antérieures à 147.0.3912.98. Périmètre client-side plaçant les postes utilisateurs en première ligne d'exposition. Securonix documente la campagne VENOMOUS HELPER, active depuis avril 2025 et ayant frappé plus de 80 organisations principalement aux États-Unis. Phishing usurpant la Social Security Administration, déploiement de SimpleHelp RMM avec persistance Safe Mode, élévation SYSTEM via AdjustTokenPrivileges, architecture dual-channel résiliente avec ConnectWise ScreenConnect en repli. La CISA ajoute la faille Copy Fail (CVE-2026-31431) à son catalogue KEV le 02 mai 2026. La vulnérabilité affecte l'interface algif_aead du noyau Linux et permet à un utilisateur local non privilégié d'obtenir les privilèges root en écrivant quatre octets contrôlés dans le page cache. Exploit Python 100% fiable contre Ubuntu 24.04 LTS, Amazon Linux 2023, RHEL 10.1 et SUSE 16. Périmètre couvrant tous les kernels Linux compilés depuis 2017. Lightning AI publie un avis de sécurité sur la version 2.6.3 du package PyTorch Lightning distribuée sur PyPI, contenant une chaîne d'exécution cachée déclenchée à l'import. PyPI a basculé sur la version 2.6.1. ⚡️ Que la Force du patch soit avec vous. On ne réfléchit pas, on patch ! 📞 Répondeur : 07 68 72 20 09 📩 Email : radiocsirt@gmail.com 🌐 Site : radiocsirt.org 📰 Newsletter : radiocsirt.substack.com #CyberSecurity #CERT #CSIRT #ThreatIntelligence #StarWarsDay #MayThe4th #MISP #Microsoft #MicrosoftEdge #VENOMOUSHELPER #SimpleHelp #ScreenConnect #STAC6405 #CopyFail #LinuxKernel #CVE202631431 #KEV #CISA #PyTorchLightning #PyPI #ShaiWorm #SupplyChain #RadioCSIRT

PyTorch Lightning Supply Chain Attack Steals Credentials, Poisons Repositories [SECURITY] A supply chain attack compromised PyTorch Lightning, stealing credentials and poisoning GitHub repositories. Why it matters: This attack highlights critical vulnerabilities in the AI development supply chain, threatening sensitive data and code integrity for numerous deep learning projects. It underscores the urgent need for robust security practices in open-source dependencies, impacting teams building image classifiers, LLMs, and diffusion models. dailyaiwire.news/article/pyt… 🤔 How can the AI open-source ecosystem better secure its dependency chains against sophisticated, multi-vector attacks? #CyberSecurity #SupplyChainAttack #PyTorchLightning #Malware #AIsecurity

Shai-Hulud malware hit PyTorch Lightning, stealing AI dev credentials and dumping them on public GitHub. If you used versions 2.6.2/2.6.3, you're compromised. Act now! tpp.blog/jjakoz1 #technology #pytorchlightning #shaihulud

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials reconbee.com/pytorch-lightni… #PyTorchlightning #Intercom #supplychainattack #credentials #cyberattack

🚨 BREAKING: #BreakingNews Shai-Hulud themed malware found in PyTorch Lightning AI training library versions 2.6.2 and 2.6.3. Mini Shai-Hulud steals credentials, crypto wallets, VPN configs. #PyPI #PyTorchLightning #SupplyChainAttack #Cybersecurity

pytorchlightningを使ってL40Sで学習を開始。4時間で終わる！素晴らしい！計算パワーが正義！

Finally taking my Dockerized AI bot to the next level with @LightningAI. Their persistent GPU Studios are exactly what I needed to move beyond my 24/7 home PC and start serious model training. Massive thanks for supporting the dev community! 🛠️⚡️ #PyTorchLightning #BuildInPublic

💼 Senior Machine Learning Scientist - Applied Research (USA Remote) at Jobgether 📍 United States 💰 $111,000 - $185,000 🛠️ #techhiring #careers #python #pytorch #pytorchlightning #huggingface #ray #scikitlearn #llms #docker #aws 💬 Like and comment "Interested" to get details

📅9/12(金)15:30 〜 18:00 PytorchLightningで深層学習コードをスマートに記述しよう 対象者：Pythonコードに振れたことがある方 ・AI画像分類モデルの構築の講義 ・PytorchLightningを用いたコード変換 jdla.connpass.com/event/3658… #NoMapsTECH #AI #python

PyTorchLightningを使ってるなら少し書き換えるだけでいいらしい。そうじゃないならtorch_xlaを使えばできるんだけど、既存のコードを書き換える必要はわりとあってやや面倒になる docs.pytorch.org/xla/release… とか docs.pytorch.org/xla/release… みたいな感じになる

Listen to "Lightning Strikes Twice: PyTorch Lightning and the Art of Automating Your Nightmares" by MediumReach. creators.spotify.com/pod/sho… #pytorch #pytorchlightning #sklearn #tensorflow #aiagents #llm #openai

2/ This time I took the time to read the docs properly—super clean abstraction. Trainer class, built-in logging, multi-GPU, checkpointing, mixed precision—makes a lot of things smoother. Starting a small side project with it. Curious how it’ll go! #PyTorchLightning #DeepLearning

Will the model judge me for those midnight snack predictions? 🍪🤐 Source: devhubby.com/thread/how-to-p… #PyTorchLightning #Data #PyTorch #RNN #model #predict

自分でstepから全部書くのとpytorchlightning使うのどっちがいいんかな

Sometimes this single line from lightning comes as a lifesaver: ⚡️⚡️⚡️ #PytorchLightning

Seamlessly stream and train on Parquet-based datasets directly from Hugging Face using LitData & PyTorch Lightning. Unlock the power of efficient data pipelines! ⚡📊🚀 #MachineLearning #DeepLearning #PyTorchLightning

社内コンペ楽しいなぁ。 ベースラインのコードをPytorchLightningにしてくれてるものポイント高い。やっと重い腰を上げて勉強できる。