Dispatch
LiteLLM Supply Chain Attack Exposed Credentials Across 36% of Cloud Environments; Ditches Delve Compliance Certs
Two malicious versions of the litellm PyPI package (3.4M downloads/day) contained credential-stealing malware planted by threat actor TeamPCP after compromising the Trivy security scanner in LiteLLM's CI/CD pipeline. The malware extracted SSH keys, cloud provider credentials, Kubernetes tokens, and CI/CD configs across an estimated 36% of cloud environments. LiteLLM has now dropped compliance startup Delve — which allegedly rubber-stamped audits with fake data — and will redo all security certifications.
Source
↳ Follow the thread