📰 Paket PyPI Populer LiteLLM Disusupi Backdoor untuk Curi Kredensial dan Token

👉 Baca artikel lengkap di sini: ahmandonk.com/2026/04/04/paket-pypi-po...

#beritaTeknologi #infostealer #keamananSiber #kredensialCloud #litellm #malware #pypi

BO firm Mercor confirms a breach linked to the #LiteLLM supply chain attack, as mashers claim 4TB of stolen data.

Read: mashread.com/ai-firm-merc...

#PotatoSecurity #DataBreach #Mercor #AI #TeamPCP #Lapsus

AI Firm Mercor Confirms Breach as Hackers Claim 4TB of Stolen Data AI firm Mercor confirms a breach linked to a LiteLLM supply chain attack, as hackers claim to have stolen 4TB of sensitive data and internal systems.

AI firm Mercor confirms a breach linked to the #LiteLLM supply chain attack, as hackers claim 4TB of stolen data.

Read: hackread.com/ai-firm-merc...

#CyberSecurity #DataBreach #Mercor #AI #TeamPCP #Lapsus

Память для LLM-чата на Python. Часть 3: добавляем историю сообщений и контекст Во второй части мы сделали консоль...

#python #ollama #litellm #llm #локальные #модели #искуственный #интеллект #npl #чатбот #ai

Origin | Interest | Match

Security Week Home SecurityWeek provides cybersecurity news and information to global enterprises, with expert insights & analysis for IT security professionals

🚨 Mercor confirmed it was hit by data breach linked to LiteLLM supply-chain incident. The hacking group Lapsus$ claims have stolen 4TB: source code, Slack logs, videos. Malicious code was injected into LiteLLM versions 1.82.7 and 1.82.8. #CyberSecurity #Infosec #LiteLLM #Mercor #SupplyChainAttack

#Mercor says it was hit by #cyberattack tied to compromise of #OpenSource #LiteLLM project

techcrunch.com/2026/03/31/mercor-says-i...

#cybersecurity #AI

AI recruiting firm Mercor hit by complex cyberattack involving LiteLLM & Lapsus$. Was it one attack or two? Huge implications for open-source security.

thepixelspulse.com/posts/mercor-litellm-cyb...

#mercor #litellm #teampcp

Bericht: Cyberkriminelle stehlen Cisco-Quellcode durch gestohlene Credentials Nach der Supply-Chain-Attacke auf LiteLLM konnten Angreifer auf interne Cisco-Daten zugreifen, heißt es. Sourcecode von Cisco und Kunden wurde wohl gestohlen.

Bericht: #Cyberkriminelle stehlen #Cisco - #Quellcode durch gestohlene #Credentials #SupplyChainAttac #Cybercrime #LiteLLM
heise.de/-11244097

AI Startup Mercor Hit by Supply Chain Attack Linked to LiteLLM A supply chain compromise in the widely used LiteLLM open-source project led to a data breach that impacted thousands of companies, including AI recruiting startup Mercor. The incident has been linked to hacking group TeamPCP while extortion group Lapsus$ also claimed access, and investigations are ongoing with limited clarity about the...

Mercor AI startup affected by a supply chain attack linked to malicious code in the LiteLLM open-source project. Thousands of companies impacted, with TeamPCP and Lapsus$ involved. Investigations ongoing. #LiteLLM #SupplyChain #USA

شركة ناشئة في مجال التوظيف باستخدام #الذكاء_الاصطناعي

#Merco

تتعرض لهجوم إلكتروني على سلسلة التوريد عبر اختراق مشروع

#LiteLLM

مفتوح المصدر من قِبَلِ قراصنة

#AIRecruitingStartup
#Mashing
#OpenSourceSupplyChain
#API
#ThirdPartyLibraries
#PotatoSecurity

t.me/techpost365/...

t.me/techpost365/...

شركة ناشئة في مجال التوظيف باستخدام #الذكاء_الاصطناعي

#Merco

تتعرض لهجوم إلكتروني على سلسلة التوريد عبر اختراق مشروع

#LiteLLM

مفتوح المصدر من قِبَلِ قراصنة

#AIRecruitingStartup
#Hacking
#OpenSourceSupplyChain
#API
#ThirdPartyLibraries
#CyberSecurity

t.me/techpost365/...

t.me/techpost365/...

Mercor 보안 사고와 LiteLLM 공급망 공격의 실체 - IT Mania 도전인생 최근 AI 채용 스타트업 Mercor가 대규모 데이터 유출 논란에 휩싸였습니다. 오픈소스 라이브러리인 LiteLLM의 취약점이 해킹 그룹의 타깃이 되면서, 수천 개의 기업이 연쇄적인 공급망 공격 위험에 노출된 것인데요. 이번 사태가 우리에게 주는 경고는 무엇인지, 그리고 기업들은

Mercor 보안 사고와 LiteLLM 공급망 공격의 실체

https://bit.ly/4v11c8W

#Mercor #LiteLLM #공급망보안 #데이터유출 #AI보안 #정보보안 #CyberSecurity

Mercor says it is "one of thousands of companies" hit by the recent LiteLLM attack LiteLLM, a very popular AI developer tool, recently suffered a security breach with a huge blast radius that included AI hiring startup Mercor.

LiteLLM, a very popular AI developer tool, recently suffered a security breach with a huge blast radius that included AI hiring startup Mercor.
#Mercor #LiteLLM

Popular #AI gateway startup #LiteLLM ditches controversial startup #Delve

techcrunch.com/2026/03/30/popular-ai-ga...

#cybersecurity

How SentinelOne’s AI EDR Autonomously Discovered and Stopped Anthropic’s Claude from Executing a Zero Day Supply Chain Attack, Globally Read our blog post to learn how SentinelOne’s AI EDR au...

#Company #AI #EDR #LiteLLM #Singularity #Supply #Chain #Attack #zero #day

Origin | Interest | Match

LiteLLM ends partnership with Delve amid security certification controversy, plans re-certification with Vanta and independent audit. #LiteLLM #Delve #PotatoSecurity #AI #TechNews Link: thedailytechfeed.com/litellm-ends...

LiteLLM ends partnership with Delve amid security certification controversy, plans re-certification with Vanta and independent audit. #LiteLLM #Delve #CyberSecurity #AI #TechNews Link: thedailytechfeed.com/litellm-ends...

LiteLLM Ends Partnership with Delve Over Security Concerns LiteLLM ends partnership with Delve over security compliance concerns

LiteLLM terminates partnership with Delve after malware attack exposed sensitive data, raising questions about Delve's security #Technology #AI #Trust

LiteLLM 보안 논란과 보안 인증을 다시 하는 이유 3가지 - IT Mania 도전인생 AI 기술이 빠르게 발전하면서 개발자들이 가장 많이 사용하는 AI 게이트웨이 플랫폼인 LiteLLM의 최근 행보가 주목받고 있습니다. 최근 LiteLLM이 보안 인증을 위해 손잡았던 스타트업 Delve와의 관계를 완전히 정리하고, 보안 인증 절차를 처음부터 다시 밟겠다고 발표했기

LiteLLM 보안 논란과 보안 인증을 다시 하는 이유 3가지

https://bit.ly/4bIcs2G

#LiteLLM #AI보안 #개발자플랫폼 #아임테크 #보안인증 #스타트업뉴스 #기술동향

March 24, 2026, the #LiteLLM #Python package was compromised, one uses a .pth file in site-packages to execute malicious code on every Python startup. The mechanism behind this? Python's site module.

#Redteam #Hak5 #CyberNews #BlueTeam #OpSec #WebDev #CyberSecurity
youtu.be/XylwUXpxAcY?...

Vulnerabilidade por #malware no código aberto / #opensource, comprometeu diversos projetos. Veja o que fazer pra evitar e se proteger e como isso impacta a sociedade em geral. #tech #technologu #tecnologia #code #python #trivy #liteLLM

www.youtube.com/watch?v=BLCY...

GitHub - kreuzberg-dev/liter-llm: Universal LLM API client — 142+ providers, 11 native language bindings, powered by Rust core Universal LLM API client — 142+ providers, 11 native language bindings, powered by Rust core - kreuzberg-dev/liter-llm

Following the #LiteLLM supply chain attack - we just released an alternative. Happy to introduce Liter-LLM - faster, leaner, and built on Rust safety.

github.com/kreuzberg-de...

An AI gateway designed to steal your data In March 2026 attackers trojanized the popular Python library LiteLLM by uploading malicious versions to PyPI and OpenVSX that executed Base64-encoded payloads to collect secrets and deploy further stages. The malware harvested local files and cloud runtime credentials (including AWS IMDS), sought crypto wallets, established persistence locally and in Kubernetes, and exfiltrated encrypted archives to a remote C2. #LiteLLM #Checkmarx

In March 2026, attackers trojanized LiteLLM Python packages on PyPI, deploying Base64-encoded payloads to steal local files, cloud credentials, and crypto wallets, using .pth persistence in Kubernetes environments. #LiteLLM #PythonSecurity #USA

The LiteLLM Supply Chain Attack: How a Security Scanner Became a Backdoor On March 24, 2026, versions 1.82.7 and 1.82.8 of LiteLLM — with ~97 million monthly downloads — were found to contain a credential-stealing backdoor. Here's what happened, how it worked, and what you ...

The LiteLLM Supply Chain Attack: How a Security Scanner Became a Backdoor

techlife.blog/posts/litell...

#LiteLLM #SupplyChainAttack #PyPI #Security #Malware #Python #TeamPCP #AISecurity

#Delve did the security compliance on #LiteLLM, an #AI project hit by #malware

techcrunch.com/2026/03/25/delve-did-the...

#cybersecurity

Your AI Gateway Was a Backdoor: Inside the LiteLLM Supply Chain Compromise TeamPCP executed a coordinated multi-ecosystem supply chain campaign that compromised Trivy CI/CD runners and pushed trojanized LiteLLM versions (1.82.7 and 1.82.8) to PyPI, deploying a three-stage payload that harvested credentials, targeted Kubernetes clusters, and installed a persistent backdoor. The incident demonstrates how AI proxy services that centralize API keys become high-value...

TeamPCP compromised Trivy CI/CD runners to inject trojanized LiteLLM versions 1.82.7 and 1.82.8 into PyPI, deploying a multi-stage payload targeting credentials, Kubernetes clusters, and establishing persistent backdoors. #SupplyChain #LiteLLM

this was wild! "The public GitHub issue has been closed as "not planned" by the owner, and is spammed by hundreds of bots to dillute the discussion. The author of litellm have been very likely fully compromised." #litellm #supplychain #attack

Une cyberattaque au coeur de l'IA sème la panique chez les développeurs Une cyberattaque massive vient de frapper le monde de l'intelligence artificielle. Des pirates sont en effet parvenus à compromettre une brique logicielle utilisée par de nombreux développeurs. Le hac...

Une #cyberattaque au coeur de l’ #IA sème la panique chez les développeurs
👉 #LiteLLM, l’une des bibliothèques Python les plus utilisées dans l’écosystème de l’IA générative, vient de subir une attaque
www.01net.com/actualites/c...

Another supply chain attack hits home: LiteLLM was compromised by TeamPCP. Learn how a stolen token led to a massive infostealer deployment and what it means for your software.

thepixelspulse.com/posts/litellm-malware-at...

#litellm #teampcp #pypi