Contact DMCA Privacy

Robuta

Sponsor of the Day: Jerkmate
https://www.itpro.com/security/litellm-pypi-compromise-everything-we-know-so-far LiteLLM PyPI compromise: Everything we know so far | IT Pro Mar 26, 2026 - The TeamPCP hacking group is believed to have successfully backdoored the package to harvest credentials litellm pypicompromiseeverythingknowfar https://www.giskard.ai/knowledge/litellm-supply-chain-attack-2026 How the LiteLLM PyPI Supply Chain Attack Happened — and What to Do If You're Affected On March 24 2026, attackers published two malicious versions of the litellm Python library to PyPI, stealing SSH keys, cloud credentials, and Kubernetes... pypi supply chainlitellmattackhappenedaffected https://www.helpnetsecurity.com/2026/03/25/teampcp-supply-chain-attacks/ LiteLLM PyPI packages compromised in expanding TeamPCP supply chain attacks - Help Net Security Mar 27, 2026 - A slew of supply chain attacks against popular open source tools and packages appears to have been orchestrated by TeamPCP cybercriminals. teampcp supply chainlitellm pypipackages compromisedattacks helpexpanding https://www.infosecurity-magazine.com/news/teampcp-litellm-pypi-supply-chain/ TeamPCP Expands Supply Chain Campaign With LiteLLM PyPI Compromise - Infosecurity Magazine Apr 9, 2026 - Python package LiteLLM compromised with credential-stealing malware linked to TeamPCP threat group supply chain campaignlitellm pypiinfosecurity magazineteampcpexpands https://www.trendmicro.com/en_us/research/26/c/your-ai-stack-just-handed-over-your-root-keys-inside-the-litellm-pypi-breach.html Your AI Stack Just Handed Over Your Root Keys: Inside the litellm PyPI Breach | Trend Micro (US) Litellm PyPI breach explained: malicious versions steal cloud credentials, SSH keys, and Kubernetes secrets. Learn impact and urgent mitigation steps. trend micro usai stacklitellm pypihandedroot https://www.openwall.com/lists/oss-security/2026/03/24/6 oss-security - litellm pypi packages compromised, infostealer added oss securitylitellm pypipackages compromisedinfostealeradded https://www.harness.io:443/blog/litellm-compromise-securing-ai-pipelines-from-pypi-supply-chain-attacks LiteLLM Compromise: Securing AI Pipelines from PyPI Supply C LiteLLM PyPI was compromised in a supply chain attack, using .pth files and blockchain C2 to steal credentials and execute persistent, multi-stage malware. |... securing aipypi supplylitellmcompromisepipelines https://www.infoq.com/news/2026/03/litellm-supply-chain-attack/ PyPI Supply Chain Attack Compromises LiteLLM, Enabling the Exfiltration of Sensitive Information -... Mar 31, 2026 - Discovered by FutureSearch researcher Callum McMahon, a supply chain attack against LiteLLM on PyPI resulted in over 40 thousand downloads of a compromised... pypi supply chainsensitive informationattackcompromiseslitellm https://lwn.net/Articles/1064479/ LiteLLM on PyPI is compromised [LWN.net] This issue report describes a credential-stealing attack buried within LiteLLM 1.82.8 in the Py [...] litellmpypicompromisedlwn https://securitylabs.datadoghq.com/articles/litellm-compromised-pypi-teampcp-supply-chain-campaign/ LiteLLM and Telnyx compromised on PyPI: Tracing the TeamPCP supply chain campaign | Datadog... On March 24 and 27, 2026, malicious PyPI releases of LiteLLM and Telnyx were published as part of the TeamPCP supply chain campaign. We trace the full campaign... teampcp supply chainlitellmtelnyxcompromisedpypi https://futuresearch.ai/blog/litellm-pypi-supply-chain-attack/ Supply Chain Attack in litellm 1.82.8 on PyPI Mar 24, 2026 - litellm version 1.82.8 on PyPI contains a malicious .pth file that harvests SSH keys, cloud credentials, and secrets on every Python startup, then attempts... supply chain attack1 82litellmpypi https://www.infoworld.com/article/4149909/pypi-warns-developers-after-litellm-malware-found-stealing-cloud-and-ci-cd-credentials-2.html PyPI warns developers after LiteLLM malware found stealing cloud and CI/CD credentials | InfoWorld Mar 25, 2026 - The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes configs, SSH keys, and automation... litellm malwarefound stealingci cdpypiwarns https://blog.securelayer7.net/pypi-litellm-supply-chain-attack/ PyPI litellm Supply Chain Attack Explained: Risks & Prevention litellm supply chainattack explainedrisks preventionpypi https://phoenix.security/teampcp-litellm-supply-chain-compromise-pypi-credential-stealer-kubernetes/ LiteLLM Backdoored by TeamPCP: PyPI Supply Chain Attack (2026) Mar 30, 2026 - TeamPCP backdoored LiteLLM v1.82.7 and v1.82.8 on PyPI with a credential stealer, K8s lateral movement, and persistent backdoor. Full IOCs, detection, and... pypi supply chainattack 2026litellmbackdooredteampcp https://www.csoonline.com/article/4149905/pypi-warns-developers-after-litellm-malware-found-stealing-cloud-and-ci-cd-credentials.html PyPI warns developers after LiteLLM malware found stealing cloud and CI/CD credentials | CSO Online Mar 25, 2026 - The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes configs, SSH keys, and automation... litellm malwarefound stealingci cdcso onlinepypi