Attackers need to be in an adversary-in-the-middle position to intercept and modify the handshake exchange, making network compromise a key factor in executing the Terrapin attack.
The exposed API tokens had write permissions, allowing attackers to modify files in account repositories and potentially manipulate existing models, posing a significant threat to organizations and their applications.