A severe supply chain attack has compromised the popular Python package Xinference, exposing developers to massive data theft.
Threat actors uploaded malicious versions of the tool to the Python Package Index (PyPI), embedding a heavily obfuscated infostealer into the code.
Xinference has over 600,000 total downloads, making this a significant security event for the software development community.
While the malicious script leaves a comment referencing the threat group TeamPCP, the group has publicly denied any involvement through their official X account.
According to OX Security, the breach started when an automated account named XprobeBot, which has been active since October 2025, was likely compromised by attackers.
On April 22, 2026, this bot account committed a malicious base64-encoded payload directly into the package’s __init__.py file.
Because Python runs a package's __init__.py whenever the package is imported, the malware executes the moment the Xinference package is imported, whether that happens automatically or when a developer initializes it in their Python project.
Xinference developers confirmed the security breach after a user reported highly suspicious behavior following a recent update.
Once the initial code runs, it decodes a secondary payload containing the actual infostealer malware. This script immediately begins hunting for sensitive information on the infected machine.
The infostealer is incredibly thorough and targets a wide range of high-value assets stored on developer machines.
It gathers this sensitive information, compresses it, and silently transmits the archive to a remote command-and-control server.
The script specifically searches for several critical data categories.
Developers who installed or updated Xinference recently without pinning their dependencies are at severe risk of compromise.
The malicious package versions are identified as 2.6.0, 2.6.1, and 2.6.2. Currently, the latest safe version available on PyPI is 2.5.0. If your organization uses this tool, you must investigate your environment and take quick action.
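One way to start that investigation, as an added example (not code from the article, OX Security, or the Xinference project): it reads the installed version from distribution metadata instead of importing the package, since importing is what triggers the payload, and it flags requirement lines that are unpinned or pinned to one of the three versions named above. The requirements text and the function names are constructed for illustration.

```python
"""Check for the affected Xinference releases without importing the package."""
import re
from importlib import metadata

AFFECTED = {"2.6.0", "2.6.1", "2.6.2"}  # versions named in the article
PACKAGE = "xinference"
REQ_LINE = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)\s*(\[[^\]]*\])?\s*([^;#]*)")


def normalize(name):
    # PEP 503 normalization so "Xinference" and "xinference" compare equal.
    return re.sub(r"[-_.]+", "-", name).lower()


def installed_status():
    """Return (version, affected) from dist metadata; never runs package code."""
    try:
        version = metadata.version(PACKAGE)
    except metadata.PackageNotFoundError:
        return None, False
    return version, version in AFFECTED


def audit_requirements(text):
    """Label each xinference requirement: 'affected', 'unpinned' or 'pinned-ok'."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        m = REQ_LINE.match(line)
        if not m or normalize(m.group(1)) != PACKAGE:
            continue
        # Drop pip options such as --hash that may follow the version specifier.
        spec = m.group(3).split(" --")[0].strip()
        exact = re.fullmatch(r"==\s*([0-9][0-9A-Za-z.]*)", spec)
        if exact is None:
            findings.append((lineno, "unpinned"))  # a range could resolve to 2.6.x
        elif exact.group(1) in AFFECTED:
            findings.append((lineno, "affected"))
        else:
            findings.append((lineno, "pinned-ok"))
    return findings


# Constructed sample requirements file, for illustration only.
SAMPLE = """\
# constructed sample
requests==2.32.3
xinference>=2.5
Xinference[all]==2.6.1
xinference==2.5.0 ; python_version >= "3.9"
"""

if __name__ == "__main__":
    print("installed:", installed_status())
    for finding in audit_requirements(SAMPLE):
        print(finding)
```

Run it with the interpreter of each virtual environment you want to check, because the installed-version lookup only sees the environment it runs in.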
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.