National Cyber Warfare Foundation (NCWF)

Xinference Compromised in Supply Chain Attack (Campaign)


0 user ratings
2026-04-29 15:11:19
milo
Attacks
The attackers compromised legitimate xinference releases rather than publishing a typosquat package, embedding malicious code directly into xinference/init.py. This ensures execution whenever the package is imported, including during application startup or dependency resolutio...

The attackers compromised legitimate xinference releases rather than publishing a typosquat package, embedding malicious code directly into xinference/init.py. This ensures execution whenever the package is imported, including during application startup or dependency resolutio...

Source: Wiz
Source Link: https://threats.wiz.io/all-incidents/xinference-compromised-in-supply-chain-attack


Comments
new comment
Nobody has commented yet. Will you be the first?
 
Forum
Attacks



Copyright 2012 through 2026 - National Cyber Warfare Foundation - All rights reserved worldwide.