Vibe Coding
LiteLLM PyPI Supply Chain Attack: Backdoored Versions Harvested SSH Keys, Cloud Creds, K8s Secrets
LiteLLM versions 1.82.7 and 1.82.8 on PyPI were compromised on March 24 via a stolen credential chain — attackers (TeamPCP) first backdoored Trivy's GitHub Action in LiteLLM's CI/CD pipeline, then used exfiltrated PyPI creds to publish malicious releases. The backdoor (.pth file) executes on every Python startup, harvesting SSH keys, cloud credentials, and Kubernetes secrets, then attempts lateral movement. Malicious versions were live ~3 hours before quarantine; LiteLLM sees ~3.4M downloads/day.
↳ Follow the thread