TeamPCP strikes again: Xinference (v2.6.0-2.6.2) PyPI package compromised

The PyPI package Xinference versions 2.6.0 through 2.6.2 were compromised by TeamPCP, who uploaded malicious versions containing a backdoor. The backdoor allowed remote code execution on affected systems, potentially enabling data theft and further attacks. Users are advised to upgrade to version 2.6.3 or later to address the security issue.