Articles about LiteLLM vulnerability (25.3.2026)

Eyal Estrin

Mar 25, 2026, 4:18:48 AM
Popular litellm Python package is the latest victim of TeamPCP's ongoing supply chain attack
https://research.jfrog.com/post/litellm-compromised-teampcp/

Malicious litellm 1.82.8: Credential Theft and Persistent Backdoor
https://safedep.io/malicious-litellm-1-82-8-analysis/

LiteLLM compromised on PyPI: Tracing the March 2026 TeamPCP supply chain campaign
https://securitylabs.datadoghq.com/articles/litellm-compromised-pypi-teampcp-supply-chain-campaign/

TeamPCP Isn't Done: Threat Actor Behind Trivy and KICS Compromises Now Hits LiteLLM's 95 Million Monthly Downloads on PyPI
https://www.endorlabs.com/learn/teampcp-isnt-done

How a Poisoned Security Scanner Became the Key to Backdooring LiteLLM
https://snyk.io/articles/poisoned-security-scanner-backdooring-litellm/

Supply Chain Attack in litellm 1.82.8 on PyPI
https://futuresearch.ai/blog/litellm-pypi-supply-chain-attack/

TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 via Trivy CI/CD Compromise
https://thehackernews.com/2026/03/teampcp-backdoors-litellm-versions.html

New supply chain attack hits LiteLLM with 95M monthly downloads
https://cyberinsider.com/new-supply-chain-attack-hits-litellm-with-95m-monthly-downloads/