Microsoft's durabletask PyPI Package Compromised in Supply Chain Attack

A highly sophisticated supply chain attack compromised Microsoft's official durabletask Python SDK on PyPI, deploying a modular cloud intrusion framework that steals credentials from major cloud and developer platforms, spreads laterally, and selectively wipes targeted systems—marking a major escalation by the TeamPCP threat group behind the Mini Shai-Hulud campaign.