{
  "title": "Microsoft DurableTask Python SDK PyPI Hijacking",
  "summary": "On May 19, 2026, the official Microsoft durabletask Python SDK was compromised on PyPI. Threat actors used hijacked publishing credentials to directly upload malicious versions containing a cloud credential-harvesting payload.",
  "date": "2026-05-19",
  "severity": "critical",
  "tags": [
    "pypi",
    "package-compromise",
    "supply-chain",
    "credential-theft",
    "microsoft",
    "teampcp"
  ],
  "sources_count": 3,
  "indicators": {
    "slug": "microsoft-durabletask-pypi-compromise",
    "since": "2026-05-19T06:00:00Z",
    "until": "2026-05-19T23:59:59Z",
    "ecosystem": "pypi, python pypi registry",
    "cves": [],
    "cwes": [],
    "advisoryIds": [],
    "products": [],
    "packages": [
      "durabletask"
    ],
    "versions": [
      "1.4.1",
      "1.4.2",
      "1.4.3"
    ],
    "affectedVersions": [],
    "fixedVersions": [
      "1.4.4"
    ],
    "files": [],
    "paths": [],
    "services": [],
    "domains": [
      "www.stepsecurity.io"
    ],
    "urls": [
      "https://www.stepsecurity.io`"
    ],
    "ips": [],
    "hashes": [],
    "processPatterns": [],
    "networkPatterns": [],
    "telemetrySelectors": []
  }
}