undefined | Better HN

0 pointscpburns20091d ago0 comments

safetensors is just as vulnerable to this sort of exploit using a pth file since it's a Python package.

0 comments

Yeah, fair enough, the problem here is that the credentials were stolen, the fact that the exploit was packaged into a .pth is just an implementation detail.

j / k navigate · click thread line to collapse

0 pointscpburns20091d ago0 comments

safetensors is just as vulnerable to this sort of exploit using a pth file since it's a Python package.

0 comments

Blackthorn1d ago

Yeah, fair enough, the problem here is that the credentials were stolen, the fact that the exploit was packaged into a .pth is just an implementation detail.

j / k navigate · click thread line to collapse