Threat Digest

Code snippet of malicious LiteLLM payload exfiltrating AWS credentials to attacker server

LiteLLM's Poisoned Update: Hackers Hijack AI Gateway to Raid Cloud Secrets

A routine pip install turned nightmare for LiteLLM users last March. Attackers slipped malware into this AI gateway, exfiltrating cloud creds and server configs in a classic supply chain hit.

5 min read 1 month, 1 week ago

Terminal window installing malicious LiteLLM package with credential paths exposed

Cloud Security

LiteLLM's Poisoned PyPI Packages Turned Dev Laptops Into Open Credential Safes

One pip install, and your AWS keys were gone. The LiteLLM attack shows developer laptops aren't just tools—they're attacker playgrounds loaded with plaintext secrets.

4 min read 1 month, 2 weeks ago

#litellm-attack

LiteLLM's Poisoned Update: Hackers Hijack AI Gateway to Raid Cloud Secrets

LiteLLM's Poisoned PyPI Packages Turned Dev Laptops Into Open Credential Safes