{
  "title": "Xinference PyPI 2.6.x Import-Time Credential Exfiltration",
  "summary": "JFrog reported that the legitimate PyPI package xinference shipped malicious versions 2.6.0, 2.6.1, and 2.6.2 carrying import-time code in xinference/__init__.py, so simply importing the package (no API call required) triggered the payload. The payload collected host and secret material into love.tar.gz and exfiltrated it to whereisitat.lucyatemysuperbox.space with the header X-QT-SR: 14; the process indicators point to a curl --data-binary upload launched via subprocess.Popen. Any environment that installed one of these three versions should be treated as compromised and its exposed credentials rotated.",
  "date": "2026-04-22",
  "severity": "critical",
  "tags": [
    "pypi",
    "supply-chain",
    "xinference",
    "ai-ml",
    "credential-theft"
  ],
  "sources_count": 2,
  "indicators": {
    "slug": "xinference-pypi-credential-hijack",
    "since": "2026-04-22T00:00:00Z",
    "until": "2026-04-23T23:59:59Z",
    "ecosystem": "pypi",
    "cves": [],
    "cwes": [],
    "advisoryIds": [],
    "products": [],
    "packages": [],
    "versions": [
      "xinference==2.6.0",
      "xinference==2.6.1",
      "xinference==2.6.2"
    ],
    "affectedVersions": [],
    "fixedVersions": [],
    "files": [
      "xinference/__init__.py",
      "love.tar.gz",
      "f"
    ],
    "paths": [],
    "services": [],
    "domains": [
      "whereisitat.lucyatemysuperbox.space",
      "love.tar.gz"
    ],
    "urls": [
      "https://whereisitat.lucyatemysuperbox.space/"
    ],
    "ips": [],
    "hashes": [
      "e1e007ce4eab7774785617179d1c01a9381ae83abfd431aae8dba6f82d3ac127",
      "077d49fa708f498969d7cdffe701eb64675baaa4968ded9bd97a4936dd56c21c",
      "fe17e2ea4012d07d90ecb7793c1b0593a6138d25a9393192263e751660ec3cd0"
    ],
    "processPatterns": [
      "curl --data-binary",
      "subprocess.Popen"
    ],
    "networkPatterns": [],
    "telemetrySelectors": []
  }
}