PyTorch

An open-source machine learning library primarily developed by Facebook's AI Research lab, used for applications such as computer vision and natural language processing.

CCI Score

-33.69

0.02% April 18

Latest Event

PyTorch Supply Chain Attack Exposes Security Vulnerabilities

Ethical hackers exploited misconfigurations in PyTorch's self-hosted GitHub Actions runners, injecting malicious code into its CI/CD pipeline beginning in August 2023. This incident exposes significant security weaknesses in the software supply chain of a widely used open-source machine learning library.

Take Action

So what can you do? It's time to make tough choices. Where will you cast your vote?

Shop Alternatives SEE ALL: Zoho

SPS Commerce

SUSE
Use Your Voice OTHER TOOLS
Investigate
Share the Score SUPPORT CCI

TOADIE

PyTorch is currently rated as a Toadie.

-30 to -44 CCI Score

Companies scoring in this range actively seek to please authoritarian regimes. They offer proactive support and assistance in exchange for preferential treatment, compromising ethical standards for business gains and political favor.

Latest Events

AUG

01

2023

PyTorch Supply Chain Attack Exposes Security Vulnerabilities
-33.69

Ethical hackers exploited misconfigurations in PyTorch's self-hosted GitHub Actions runners, injecting malicious code into its CI/CD pipeline beginning in August 2023. This incident exposes significant security weaknesses in the software supply chain of a widely used open-source machine learning library.
-40

Supply Chain Ethics

April 2

The attack revealed vulnerabilities in PyTorch's supply chain management by exploiting unsecured self-hosted GitHub Actions runners. This lapse in the ethical and secure management of its software supply chain not only risks the integrity of its widely adopted technology but also potentially allows malicious actors—including authoritarian regimes—to exploit these weaknesses for broader repressive purposes. The incident underscores the need for stronger security protocols to protect technological infrastructure that could be weaponized in an age of growing authoritarianism.

Lessons from the Recent PyTorch Supply Chain Attack

Alternatives

Hugging Face

Corporation

37.87

Grok AI

Corporation

-20.75

OpenAI

Corporation

0.65

Zoho Corporation

Chennai, India

71.21

SPS Commerce, Inc.

Minneapolis, United States

65.48

SUSE

Nuremberg, Germany

64.82

Edmunds.com, Inc.

Santa Monica, USA

62.85

Kinaxis Inc.

Ottawa, Canada

62.40

Commvault Systems, Inc.

Tinton Falls, USA

59.89

Contentful

Berlin, Germany

56.80

Industries

: 541511; Custom Computer Programming Services
: 541512; Computer Systems Design Services
: 541715; Research and Development in the Physical, Engineering, and Life Sciences (except Nanotechnology and Biotechnology)
: 511210; Software Publishers

Company Directory

Company Directory

Company Directory - PyTorch

Company Details - PyTorch

PyTorch

CCI Score: PyTorch

Latest Events

Alternatives

Industries