LiteLLM Hit by Supply Chain Attack, Yanked From PyPI
Two compromised versions of the popular LLM interface tool were caught stealing credentials via injected malicious code.
LiteLLM, the widely used open source tool for accessing multiple large language models through a single interface, just got burned by a supply chain attack.
Two versions of the package were pulled from the Python Package Index (PyPI) after security researchers discovered they'd been injected with credential-stealing code. The malicious payload was designed to harvest sensitive credentials from developers and organizations running the compromised builds.
Supply chain attacks on PyPI packages have become an increasingly common threat vector. Attackers target popular packages knowing they'll be downloaded and deployed across thousands of environments, often with minimal scrutiny.
LiteLLM is a particularly juicy target given its role as a gateway to multiple LLM providers — meaning stolen credentials could unlock access to API keys for services like OpenAI, Anthropic, and others.
Developers who installed affected versions should rotate all credentials immediately.