Industry News | llm | pypi | supply chain | crypto security
LiteLLM Distributes Malware Stealing Crypto Secrets
Relevance Score: 8.7
On Mar. 24 an attacker used a compromised maintainer account to publish two malicious LiteLLM releases (1.82.7 and 1.82.8) to PyPI, with 1.82.8 planting a .pth file that executed at every Python startup. The payload exfiltrated crypto wallets, Solana validator keys, SSH/cloud credentials, and Kubernetes secrets across 46,996 downloads in 46 minutes; PyPI quarantined the builds and LiteLLM removed them.
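A host check for the persistence mechanism described above, added here as an example and not taken from LiteLLM, PyPI or the linked article: it flags the two named releases and lists every `.pth` line that Python's `site` module would execute at startup. The function names and the sample files in `demo()` are constructed for illustration.

```python
import os
import site
import tempfile
from importlib import metadata

BAD_LITELLM = {"1.82.7", "1.82.8"}  # the two releases named in the summary above

def executable_pth_lines(path):
    """Return (line_no, text) for lines starting with 'import' + space/tab, which site.py exec()s."""
    hits = []
    with open(path, encoding="utf-8", errors="replace") as fh:
        for no, line in enumerate(fh, 1):
            if line.startswith(("import ", "import\t")):
                hits.append((no, line.rstrip()))
    return hits

def audit_site_dirs(dirs):
    """Map each .pth file that carries executable lines to those lines."""
    findings = {}
    for d in filter(os.path.isdir, dirs):
        for name in sorted(os.listdir(d)):
            path = os.path.join(d, name)
            hits = executable_pth_lines(path) if name.endswith(".pth") else []
            if hits:
                findings[path] = hits
    return findings

def litellm_affected():
    """True if the installed litellm is one of the malicious releases."""
    try:
        return metadata.version("litellm") in BAD_LITELLM
    except metadata.PackageNotFoundError:
        return False

def demo():
    """Run the audit over a constructed directory holding two harmless files."""
    with tempfile.TemporaryDirectory() as d:
        samples = {"paths_only.pth": "/opt/extra/lib\n",
                   "runs_code.pth": "# constructed sample\nimport os; os.getcwd()\n"}
        for name, body in samples.items():
            with open(os.path.join(d, name), "w", encoding="utf-8") as fh:
                fh.write(body)
        return {os.path.basename(p): h for p, h in audit_site_dirs([d]).items()}

if __name__ == "__main__":
    print("litellm 1.82.7/1.82.8 installed:", litellm_affected())
    dirs = site.getsitepackages() + [site.getusersitepackages()]
    for path, hits in audit_site_dirs(dirs).items():
        print(path, hits)
```

Some legitimate packages also ship `.pth` files with `import` lines, so each hit is a lead to review against the owning package, not a verdict.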
Scoring Rationale
High immediacy and confirmed exfiltration across PyPI, but impact concentrates on Python developer and crypto ecosystems rather than universal infrastructure.
Sources
- Hackers sneak crypto wallet-stealing code into a popular AI tool that runs every time (cryptoslate.com)



