theAIcatchup

Malicious LiteLLM Python code scanning for AWS keys and database configs in a server terminal

LiteLLM's PyPI Poison: How Hackers Turned an AI Gateway into a Secret-Scavenger

Two PyPI uploads in March 2026 transformed LiteLLM – your go-to AI proxy – into a data vacuum. It rifled through servers for AWS creds, DB configs, even crypto wallets, all while you imported it blindly.

4 min read 4 hours ago

#AI security breach

LiteLLM's PyPI Poison: How Hackers Turned an AI Gateway into a Secret-Scavenger

Stay in the loop