durabletask Compromised in TeamPCP PyPI Attack
Source: Socprime
Published:
<p>A supply chain attack targeted the Microsoft durabletask Python package on PyPI, resulting in the publication of malicious versions 1.4.1 , 1.4.2 , and 1.4.3 . The attacker reportedly leveraged a compromised GitHub account to obtain a PyPI token and upload weaponized wheel files. The malicious pa