A pair of security researchers managed to infiltrate the development infrastructure for PyTorch by using new techniques that exploit insecure configurations in GitHub Actions workflows. Their proof-of-concept attack was responsibly disclosed to PyTorch lead developer Meta AI, but other software development organizations that use GitHub Actions have likely made the same deployment mistakes, potentially exposing themselves to software supply-chain attacks.
