{
  "Event": {
    "analysis": "1",
    "date": "2026-04-27",
    "extends_uuid": "",
    "info": "[Threat Intel] Supply Chain Poisoning via PyPI Repository Compromise",
    "protected": false,
    "publish_timestamp": "1779545717",
    "published": true,
    "threat_level_id": "2",
    "timestamp": "1779545716",
    "uuid": "c8be1fae-adba-4056-89a7-78ca3d45d5c2",
    "Orgc": {
      "name": "Rectifyq",
      "uuid": "cd9bd516-61fa-476b-980f-2f8de03992d4"
    },
    "Tag": [
      {
        "colour": "#ffffff",
        "local": false,
        "name": "tlp:clear",
        "relationship_type": ""
      },
      {
        "colour": "#004646",
        "local": false,
        "name": "type:OSINT",
        "relationship_type": ""
      },
      {
        "colour": "#b94b1d",
        "local": false,
        "name": "rectifyq:mitre-att&ck=\"none-from-src\"",
        "relationship_type": ""
      },
      {
        "colour": "#b94b1d",
        "local": false,
        "name": "rectifyq:mitre-att&ck=\"from-OTX\"",
        "relationship_type": ""
      },
      {
        "colour": "#0ee843",
        "local": false,
        "name": "misp-galaxy:mitre-attack-pattern=\"Cloud Instance Metadata API - T1552.005\"",
        "relationship_type": ""
      },
      {
        "colour": "#7d7034",
        "local": false,
        "name": "misp-galaxy:mitre-attack-pattern=\"System Information Discovery - T1082\"",
        "relationship_type": ""
      },
      {
        "colour": "#68f2ff",
        "local": false,
        "name": "misp-galaxy:mitre-attack-pattern=\"Data from Local System - T1005\"",
        "relationship_type": ""
      },
      {
        "colour": "#a92e1c",
        "local": false,
        "name": "misp-galaxy:mitre-attack-pattern=\"Deobfuscate/Decode Files or Information - T1140\"",
        "relationship_type": ""
      },
      {
        "colour": "#8ed4a7",
        "local": false,
        "name": "misp-galaxy:mitre-attack-pattern=\"Credentials from Web Browsers - T1555.003\"",
        "relationship_type": ""
      },
      {
        "colour": "#e7d11f",
        "local": false,
        "name": "misp-galaxy:mitre-attack-pattern=\"Private Keys - T1552.004\"",
        "relationship_type": ""
      },
      {
        "colour": "#9f6bd9",
        "local": false,
        "name": "misp-galaxy:mitre-attack-pattern=\"System Network Configuration Discovery - T1016\"",
        "relationship_type": ""
      },
      {
        "colour": "#36a9d8",
        "local": false,
        "name": "misp-galaxy:mitre-attack-pattern=\"Account Discovery - T1087\"",
        "relationship_type": ""
      },
      {
        "colour": "#0c0051",
        "local": false,
        "name": "misp-galaxy:mitre-attack-pattern=\"File and Directory Discovery - T1083\"",
        "relationship_type": ""
      },
      {
        "colour": "#1997de",
        "local": false,
        "name": "misp-galaxy:mitre-attack-pattern=\"Shell History - T1552.003\"",
        "relationship_type": ""
      },
      {
        "colour": "#f95f85",
        "local": false,
        "name": "misp-galaxy:mitre-attack-pattern=\"Credentials In Files - T1552.001\"",
        "relationship_type": ""
      },
      {
        "colour": "#0088cc",
        "local": false,
        "name": "misp-galaxy:mitre-attack-pattern=\"Group Policy Preferences - T1552.006\"",
        "relationship_type": ""
      },
      {
        "colour": "#a9f8b1",
        "local": false,
        "name": "misp-galaxy:mitre-attack-pattern=\"Exfiltration Over C2 Channel - T1041\"",
        "relationship_type": ""
      },
      {
        "colour": "#e08bb2",
        "local": false,
        "name": "misp-galaxy:mitre-attack-pattern=\"Obfuscated Files or Information - T1027\"",
        "relationship_type": ""
      },
      {
        "colour": "#d596aa",
        "local": false,
        "name": "misp-galaxy:mitre-attack-pattern=\"Compromise Software Supply Chain - T1195.002\"",
        "relationship_type": ""
      },
      {
        "colour": "#7d37d8",
        "local": false,
        "name": "misp-galaxy:mitre-attack-pattern=\"Python - T1059.006\"",
        "relationship_type": ""
      },
      {
        "colour": "#30cc3b",
        "local": false,
        "name": "misp-galaxy:mitre-attack-pattern=\"File Deletion - T1070.004\"",
        "relationship_type": ""
      },
      {
        "colour": "#4c0fbb",
        "local": false,
        "name": "misp-galaxy:mitre-attack-pattern=\"Ingress Tool Transfer - T1105\"",
        "relationship_type": ""
      },
      {
        "colour": "#37c019",
        "local": false,
        "name": "misp-galaxy:mitre-attack-pattern=\"Cloud Accounts - T1078.004\"",
        "relationship_type": ""
      },
      {
        "colour": "#3b4369",
        "local": false,
        "name": "misp-galaxy:mitre-attack-pattern=\"Container API - T1552.007\"",
        "relationship_type": ""
      },
      {
        "colour": "#49a260",
        "local": false,
        "name": "rectifyq:category=\"threat\"",
        "relationship_type": ""
      },
      {
        "colour": "#130049",
        "local": false,
        "name": "rectifyq:sub-category=\"campaign-analysis\"",
        "relationship_type": ""
      },
      {
        "colour": "#18005e",
        "local": false,
        "name": "rectifyq:topic=\"supply-chain\"",
        "relationship_type": ""
      },
      {
        "colour": "#ffd12e",
        "local": false,
        "name": "rectifyq:target=\"broad-based\"",
        "relationship_type": ""
      },
      {
        "colour": "#55acee",
        "local": false,
        "name": "rectifyq:MY-relevancy=\"potentially-relevant\"",
        "relationship_type": ""
      },
      {
        "colour": "#3800d9",
        "local": false,
        "name": "rectifyq:action-taken=\"VT-comment\"",
        "relationship_type": ""
      },
      {
        "colour": "#3d00e9",
        "local": false,
        "name": "rectifyq:action-taken=\"telegram\"",
        "relationship_type": ""
      },
      {
        "colour": "#626567",
        "local": false,
        "name": "rectifyq:no-samples-in=\"MalwareBazaar\"",
        "relationship_type": ""
      }
    ],
    "Attribute": [
      {
        "category": "Other",
        "comment": "Description",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1777345218",
        "to_ids": false,
        "type": "text",
        "uuid": "4ccfb4e2-cca1-443e-abaf-45722942e940",
        "value": "Xinference, an open-source distributed AI model inference framework, suffered a supply chain attack when attackers compromised the maintainers' PyPI release credentials and published three malicious versions (2.6.0, 2.6.1, 2.6.2) on April 22, 2026. The malicious code, hidden under layers of Base64 encoding within __init__.py, executes automatically upon library installation or import, collecting cloud credentials, SSH keys, API tokens, database passwords, cryptocurrency wallets, and environment variables. The payload specifically targets AWS environments by exploiting the metadata service and uploads stolen data to attacker-controlled infrastructure. The attack affects users who downloaded these versions from PyPI, where the package has over 680,000 total downloads. Attribution remains unclear: TeamPCP's name appears in the code, but the group denies involvement, which suggests impersonation by a third party."
      },
      {
        "category": "Other",
        "comment": "Summary",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1777345218",
        "to_ids": false,
        "type": "text",
        "uuid": "db10b75e-ddcb-4bb8-9172-eb2b0f5bae2c",
        "value": "Name: Supply Chain Poisoning via PyPI Repository Compromise\nAuthor: AlienVault\nAdversary: \nTags: [\"cloud exploitation\", \"supply chain attack\", \"pypi compromise\", \"base64 encoding\", \"xinference\", \"teampcp\", \"ai framework\", \"credential theft\"]\nTgtd countries: []\nMlwr families: []\nAttack_ids: [\"T1552.005\", \"T1082\", \"T1005\", \"T1140\", \"T1555.003\", \"T1552.004\", \"T1016\", \"T1087\", \"T1083\", \"T1552.003\", \"T1552.001\", \"T1552.006\", \"T1041\", \"T1027\", \"T1195.002\", \"T1059.006\", \"T1070.004\", \"T1105\", \"T1078.004\", \"T1552.007\"]\nIndustries: [\"Technology\"]"
      },
      {
        "category": "Payload delivery",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1777345218",
        "to_ids": true,
        "type": "md5",
        "uuid": "4f6e9c0d-8080-4693-9861-b870acfc731e",
        "value": "3ee893ae46530b92e0d26435fb979d82"
      },
      {
        "category": "Payload delivery",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1777345218",
        "to_ids": true,
        "type": "md5",
        "uuid": "d4cc40c3-0f59-46d9-a4e6-b4f6e05b1d5f",
        "value": "484067fd6232f7cdd7b664b33857fc2c"
      },
      {
        "category": "Payload delivery",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1777345218",
        "to_ids": true,
        "type": "md5",
        "uuid": "d436fb79-94b2-48fe-ba92-87318f7d3d6c",
        "value": "971670c10eff28339a085ca50a600e35"
      },
      {
        "category": "Payload delivery",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1777345218",
        "to_ids": true,
        "type": "md5",
        "uuid": "767e5bda-05ca-4b21-a384-c9fef037b352",
        "value": "9b3257e45b27a6bbe4e240e41a3a306f"
      },
      {
        "category": "Payload delivery",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1777345218",
        "to_ids": true,
        "type": "md5",
        "uuid": "7d9bc8bf-47c6-4d19-a565-162319839cfe",
        "value": "c6ce4e25f7fe3e3bb1eea2e9052483bf"
      },
      {
        "category": "Payload delivery",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1777345218",
        "to_ids": true,
        "type": "md5",
        "uuid": "8574762d-9e3c-4454-a1e0-fc0fdf776891",
        "value": "e291734d46c313a23d676681499f8846"
      },
      {
        "category": "Payload delivery",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1777345218",
        "to_ids": true,
        "type": "sha256",
        "uuid": "b849bacc-20ed-4ea1-bc7e-ce50551cf7f9",
        "value": "077d49fa708f498969d7cdffe701eb64675baaa4968ded9bd97a4936dd56c21c"
      },
      {
        "category": "Payload delivery",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1777345218",
        "to_ids": true,
        "type": "sha256",
        "uuid": "46517551-fec1-450d-9847-9880934fe91a",
        "value": "e1e007ce4eab7774785617179d1c01a9381ae83abfd431aae8dba6f82d3ac127"
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1777675499",
        "to_ids": true,
        "type": "url",
        "uuid": "0f3b9a6c-be17-4020-8649-2513109d7d72",
        "value": "https://whereisitat.lucyatemysuperbox.space",
        "Tag": [
          {
            "colour": "#f08989",
            "local": false,
            "name": "NotFoundError",
            "relationship_type": ""
          }
        ]
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1777675521",
        "to_ids": true,
        "type": "hostname",
        "uuid": "e2045dec-d553-4c1a-b17c-b0ff79dc6e49",
        "value": "whereisitat.lucyatemysuperbox.space",
        "Tag": [
          {
            "colour": "#342294",
            "local": false,
            "name": "CommentAdded",
            "relationship_type": ""
          }
        ]
      },
      {
        "category": "External analysis",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1777630024",
        "to_ids": false,
        "type": "link",
        "uuid": "000821fa-4491-45ce-a921-955cd426ec7e",
        "value": "https://nsfocusglobal.com/xinference-pypi-supply-chain-poisoning-warning/",
        "Tag": [
          {
            "colour": "#6b003a",
            "local": true,
            "name": "workflow:todo=\"create-missing-misp-galaxy-cluster\"",
            "relationship_type": ""
          }
        ]
      }
    ]
  }
}