E-Ink News Daily


LiteLLM Compromised by Credential Stealer

LiteLLM versions 1.82.7 and 1.82.8 on PyPI were compromised in a supply chain attack that injected malicious code to harvest sensitive credentials. The malware collected SSH keys, cloud credentials, and other secrets; a bug in its implementation also caused it to create a fork bomb. The compromised packages have been yanked from PyPI; the maintainer's account was likely fully compromised.
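Because a yanked release remains installable when a project pins it exactly, the first thing a defender wants is a quick way to find any requirements file, constraints file or `pip freeze` output that pins or permits the two affected versions. The scanner below is an added example written for this note, not code from the LiteLLM project or from the report; the version numbers come from the summary above, the requirements lines fed to it in the usage block are constructed samples, and its specifier parsing covers the common PEP 440 operators rather than the full grammar.

```python
"""Scan requirements / pip-freeze style lines for the LiteLLM releases named in the report."""
import re
import sys

# Affected releases as stated in the summary above; extend the map for other advisories.
COMPROMISED = {"litellm": {(1, 82, 7), (1, 82, 8)}}

# name, optional [extras], then everything up to a comment or environment marker
LINE_RE = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)\s*(\[[^\]]*\])?\s*([^#;]*)")
OPS = ("===", "==", "!=", "~=", ">=", "<=", ">", "<")  # longest first so "==" wins over "="


def canon(name):
    """PEP 503 style normalisation: LiteLLM, litellm and Lite_LLM are the same project."""
    return re.sub(r"[-_.]+", "-", name).lower()


def ver(text):
    return tuple(int(part) for part in text.strip().split("."))


def clause_ok(v, op, target):
    """Does version tuple v satisfy a single specifier clause such as >=1.80 or ==1.82.*?"""
    if target.endswith(".*"):  # wildcard only makes sense with == / !=
        prefix = ver(target[:-2])
        same = v[: len(prefix)] == prefix
        return same if op == "==" else (not same if op == "!=" else False)
    t = ver(target)
    if op in ("==", "==="):
        return v == t
    if op == "!=":
        return v != t
    if op == ">=":
        return v >= t
    if op == "<=":
        return v <= t
    if op == ">":
        return v > t
    if op == "<":
        return v < t
    # ~=X.Y.Z is "compatible release": >= X.Y.Z and the same prefix up to the last component
    return v >= t and v[: len(t) - 1] == t[:-1]


def allows(spec, v):
    """True if the comma-separated specifier string would accept version v.
    An empty spec (unpinned requirement) accepts everything the resolver offers."""
    spec = spec.strip()
    if not spec:
        return True
    for clause in spec.split(","):
        clause = clause.strip()
        for op in OPS:
            if clause.startswith(op):
                if not clause_ok(v, op, clause[len(op):]):
                    return False
                break
        else:
            raise ValueError(f"unsupported specifier: {clause!r}")
    return True


def scan(lines):
    """Return (package, raw line, [affected versions the line would accept]) for each hit.
    Lines whose specifier cannot be parsed are reported rather than silently skipped."""
    hits = []
    for raw in lines:
        m = LINE_RE.match(raw)
        if not m:  # blank lines, comments, -r / -e options
            continue
        name = canon(m.group(1))
        if name not in COMPROMISED:
            continue
        try:
            accepted = sorted(v for v in COMPROMISED[name] if allows(m.group(3), v))
        except ValueError:
            hits.append((name, raw.strip(), ["<unparsed specifier>"]))
            continue
        if accepted:
            hits.append((name, raw.strip(), [".".join(map(str, v)) for v in accepted]))
    return hits


if __name__ == "__main__":
    # Usage: python scan.py requirements.txt [more files...]; no arguments scans stdin
    # (for example the output of `pip freeze`). The sample below is constructed.
    sources = [open(p) for p in sys.argv[1:]] or [sys.stdin]
    for src in sources:
        for pkg, line, versions in scan(src.read().splitlines()):
            print(f"{pkg}: {line!r} would accept affected release(s) {', '.join(versions)}")
```

The scanner deliberately reports an unpinned `litellm` line as a hit: nothing in such a file prevents an exact pin elsewhere (a constraints file, a lock file) from selecting an affected release, so the installed version still has to be confirmed with `pip show litellm`.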

Background

LiteLLM is a popular Python library that unifies multiple LLM APIs behind one interface, which makes it a high-value target for supply chain attacks. PyPI supply chain attacks have become increasingly common as attackers target widely used open source packages.

Source: Lobsters
Published: Mar 24, 2026 at 11:58 PM
Score: 8.0 / 10