* Latest "Dinkelacker" in the News *
Internet Search Results
How a Poisoned Security Scanner Became the Key to Backdooring ...
On March 24, 2026, a threat actor known as TeamPCP published backdoored versions of the litellm Python package after stealing PyPI credentials via a compromised Trivy GitHub Action in LiteLLM's CI/CD pipeline. Here's what happened, how the three-stage malware works, and how to check if you're affected.
Popular LiteLLM PyPI package backdoored to steal credentials ...
The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...
LiteLLM Backdoored by TeamPCP: PyPI Supply Chain Attack (2026)
LiteLLM uses Trivy as its security scanner. When the compromised Trivy action ran in LiteLLM’s pipeline, it harvested the PyPI publishing token. TeamPCP then used that token to publish backdoored packages directly to PyPI, bypassing GitHub entirely. PyPI quarantined the entire project within approximately three hours.
LiteLLM PyPI Package With 95 Million Downloads Compromised by ...
A widely used open-source Python library was compromised on the Python Package Index (PyPI). Versions 1.82.7 and 1.82.8 of the package, which route requests across various LLM providers and have over 95 million monthly downloads, were found to contain a sophisticated backdoor by security vendors Endor Labs and JFrog. The malicious code was injected directly into the PyPI distribution ...
Your AI Gateway Was a Backdoor: Inside the LiteLLM Supply ...
The stack traces pointed to the LiteLLM package. LiteLLM, a popular Python package downloaded 3.4 million times per day that serves as a unified gateway to multiple LLM providers, was compromised on PyPI. Upon analysis, it was found that versions 1.82.7 and 1.82.8 contained malicious code that stole cloud credentials, SSH keys, and Kubernetes secrets.
Security Update: Suspected Supply Chain Incident - liteLLM
The compromised PyPI packages were litellm==1.82.7 and litellm==1.82.8. Those packages were live on March 24, 2026 from 10:39 UTC for about 40 minutes before being quarantined by PyPI.
Malicious LiteLLM versions on PyPI stole credentials in March ...
What happened: LiteLLM, a widely used tool for routing requests to large language models (think of it like a switchboard for AI services), was hit by a supply chain compromise on March 24, 2026. Attackers published two malicious versions on PyPI, which is the main public download site for Python packages (like an app store for Python developers).