Supply Chain Attack in litellm 1.82.8 on PyPI
Summary
A detailed report on a supply chain attack targeting litellm 1.82.8 on PyPI, describing the malicious payload, its three-stage behavior (collection, exfiltration, lateral movement), and concrete remediation steps for teams using Python AI libraries. The piece emphasizes immediate containment for SMBs and developers, with guidance on credential rotation and environment hygiene.