Dependency Confusion: Supply Chain Attacks on Internal MLOps Tooling
A deep architectural breakdown of how pip resolves package namespaces across multiple indexes, and how attackers hijack internal MLOps tools via Dependency Confusion.
An architectural breakdown of the late-2022 PyTorch supply chain attack, detailing pip index resolution flaws and namespace squatting.