Backdoored PyTorch Lightning package steals credentials from ML engineers
A typosquatted PyTorch Lightning package on PyPI executed credential-stealing malware on import, targeting browser passwords, .env files, and cloud service keys. The attack is particularly effective against ML teams because their environments have high dependency churn, weak package audit practices, and elevated cloud permissions.

What happened: malicious code runs during import (not function call), exfiltrates Chrome/Firefox credentials via DPAPI, scans for .env files containing API keys and database URLs, and grabs AWS/GCP/Azure credential files from standard locations.

Why it works: humans misread package names under time pressure, ML projects concentrate secrets in plaintext .env files, and training environments accumulate unvetted dependencies.

What you need to do: audit your pip freeze and conda list against PyPI for typosquatted names, rotate any credentials that might have been on machines where you installed untrusted packages, enforce .env file scanning in CI/CD, and consider moving secrets to environment variables injected at runtime instead of stored on disk.

The real issue isn't that typosquatting is new—it's that ML workflows have become a high-value target because they combine weak dependency hygiene with access to expensive cloud infrastructure and training data.

#SecurityBreach #MLOps #SupplyChain

https://www.bleepingcomputer.com/news/security/backdoored-pytorch-lightning-package-drops-credential-stealer/
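One way to run the "audit your installed packages for typosquatted names" step, as an added example that is not from the original post: it compares every installed distribution name against a trusted list and flags near-miss spellings for review. The `TRUSTED` set and the threshold of two edits are assumptions to adapt to your own dependency list.

```python
import re
from importlib import metadata

# Assumption: the package names your team actually intends to depend on.
TRUSTED = {"pytorch-lightning", "lightning", "torch", "numpy", "requests"}

def normalize(name):
    """PEP 503 normalization: lowercase, runs of '-', '_', '.' become '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()

def edit_distance(a, b):
    """Levenshtein distance using two-row dynamic programming."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def find_lookalikes(installed, trusted=TRUSTED, max_distance=2):
    """Return (installed, trusted, distance) for names that are not trusted
    but sit within max_distance edits of a trusted name."""
    trusted_norm = {normalize(t) for t in trusted}
    hits = []
    for raw in installed:
        name = normalize(raw)
        if name in trusted_norm:
            continue  # exact match after normalization: the intended package
        for good in sorted(trusted_norm):
            # Strip separators so 'pytorchlightning' and 'pytorch-lightning'
            # are treated as the same spelling (distance 0, still flagged).
            d = edit_distance(name.replace("-", ""), good.replace("-", ""))
            if d <= max_distance:
                hits.append((raw, good, d))
    return hits

def installed_names():
    """Names of every distribution visible to the current interpreter."""
    names = (d.metadata.get("Name") for d in metadata.distributions())
    return [n for n in names if n]

if __name__ == "__main__":
    for raw, good, d in find_lookalikes(installed_names()):
        print(f"REVIEW: {raw!r} is {d} edit(s) from trusted {good!r}")
```

Run it inside each virtualenv or conda environment you want to audit. A hit is a prompt for manual review, not proof of compromise, since legitimate packages can have similar names.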