THREAT OPS › Threat News › The AntV Supply Chain Campaign Expands: Microsoft's `durabletask` PyPI Package Compromised
The AntV Supply Chain Campaign Expands: Microsoft's `durabletask` PyPI Package Compromised
A day after the AntV npm supply chain attack, the same campaign appears to have struck `durabletask`, a Microsoft-associated Python package on PyPI. Snyk has coverage in the vulnerability database and package health pages. Here's what we know.
Original source: https://snyk.io/blog/durabletask-pypi-supply-chain-attack/