MAL-2026-3201
Malicious code in lightning (PyPI)
Details
--- _-= Per source details. Do not edit below this line.=-_
## Source: kam193 (703ac419d775488be137d7e01517d768da0b5581ab63338fb9523f2289f2b92c) Versions 2.6.2, 2.6.3 were compromised.
Compromised versions contain injected code that starts automatically during importing the module, downloads (legitimate) JavaScript runtime, and executes included JavaScript infostealer. It collects credentials from multiple sources (e.g. files, process memory, cloud metadata endpoints, CLI commands like gh or gcloud), sensitive cryptocurrency data, shell history files. It also attempts to spread itself using discovered credentials to other repositories and packages.
---
Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.
Campaign: 2026-04-compr-lightning
Reasons (based on the campaign):
- infostealer
- files-exfiltration
- exfiltration-ssh-keys
- exfiltration-crypto
- exfiltration-credentials
- compromised-package
Are you affected?
Enter the version of the package you're using.
Affected packages
No fixed version published yet for lightning (pip). Pin to a known-safe version or switch to an alternative.
References
- https://github.com/Lightning-AI/pytorch-lightning/issues/21691 [WEB]
- https://www.aikido.dev/blog/pytorch-lightning-pypi-compromise-mini-shai-hulud [WEB]
- https://socket.dev/blog/lightning-pypi-package-compromised [WEB]
- https://bad-packages.kam193.eu/pypi/campaign/2026-04-compr-lightning [WEB]
- https://github.com/Lightning-AI/pytorch-lightning/security/advisories/GHSA-w37p-236h-pfx3 [WEB]