Search
Tencent Cloud Issues Security Advisory on Supply Chain Poisoning Risk in Xinference
22 hour ago /
Read about 0 minute
Author:小编
On April 23, 2026, Tencent Cloud Security Center issued a security advisory regarding a supply chain poisoning risk in Xinference, detecting that versions 2.6.0, 2.6.1, and 2.6.2 of Xinference are susceptible to supply chain poisoning. Attackers can exploit these affected versions to steal highly sensitive information, such as cloud credentials, API keys, SSH keys, encrypted wallets, database credentials, and environment variables, when users install or import the compromised packages. This stolen information can then be sent to a remote Command and Control (C2) server. Tencent Cloud Security advises users to promptly conduct security self-checks and, if affected, immediately update to a patched version to prevent intrusion.
-
C114 Communication Network -
Communication Home
7 X 24 Track global technological trends
