Popular #LiteLLM #PyPI package #backdoored to steal #credentials , auth #tokens

The #TeamPCP #hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI & claiming to have stolen data from hundreds of thousands of devices during the attack.

LiteLLM is an open-source #Python library that serves as a gateway to multiple large language model ( #LLM ) providers via a single #API.
#privacy #security #supplychain

https://www.bleepingcomputer.com/news/security/popular-litellm-pypi-package-compromised-in-teampcp-supply-chain-attack/

Telnyx PyPI Supply-Chain Campaign Targets Developers with WAV-Based Malware

A malicious Python package hosted on PyPI was discovered to contain a hidden backdoor that delivers malware concealed within WAV audio files.

Pulse ID: 69c7dc08eccb099120febe32
Pulse Link: https://otx.alienvault.com/pulse/69c7dc08eccb099120febe32
Pulse Author: cryptocti
Created: 2026-03-28 13:47:52

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BackDoor #CyberSecurity #InfoSec #Malware #OTX #OpenThreatExchange #PyPI #Python #bot #developers #cryptocti

BEEP, BEEP - I am your friendly #Snakemake release announcement bot.

There is a new release of Snakemake. Its version now is 9.19.0!

Give us some time, and you will automatically find it on #Bioconda and #Pypi.

The maintainer is here on Mastodon -
@johanneskoester .

If you discover any issues, please report them on https://github.com/snakemake/snakemake/issues.

See https://github.com/snakemake/snakemake/releases/tag/v9.19.0 for details. Here is the header of the changelog:
𝑅𝑒𝑙𝑒𝑎𝑠𝑒 𝑁𝑜𝑡𝑒𝑠 (𝑝𝑜𝑠𝑠𝑖𝑏𝑙𝑦 𝑎𝑏𝑏𝑟𝑖𝑔𝑒𝑑):
𝐅𝐞𝐚𝐭𝐮𝐫𝐞𝐬

* clean up profile handling, switch to `profile.yaml` as default file name, allow specifying yaml file instead of dir: https://github.com/snakemake/snakemake/issues/4087

𝐁𝐮𝐠 𝐅𝐢𝐱𝐞𝐬

* avoid race conditions in wrapper/script/notebook retrieval; better error messages for missing wrappers; introduction of DAGProcessorBase for modularization of DAG processing code: https://github.com/snakemake/snakemake/issues/4133

𝐃𝐨𝐜𝐮𝐦𝐞𝐧𝐭𝐚𝐭𝐢𝐨𝐧

* update installation instuctions: https://github.com/snakemake/snakemake/issues/4025

Boy, pretty soon I won't be using any third party python libraries at ALL. #pypi #malware

https://www.bleepingcomputer.com/news/security/backdoored-telnyx-pypi-package-pushes-malware-hidden-in-wav-audio/

🐍 Popular telnyx package compromised on PyPI by TeamPCP

｢ The injection is in telnyx/_client.py, which runs at import time. No install hook to disable, no postinstall to block. Just import telnyx and the malware runs. ｣

https://www.aikido.dev/blog/telnyx-pypi-compromised-teampcp-canisterworm

#telnyx #supplychain #pypi #infosec

The telnyx packages on PyPI have been compromised

https://lwn.net/Articles/1065059/

#HackerNews #telnyx #PyPI #compromise #security #cybersecurity #Python #packages

AI Infrastructure Supply Chain Poisoning Alert

A supply chain poisoning attack on LiteLLM, a popular AI model gateway, was detected by NSFOCUS Technology CERT. The TeamPCP group compromised the Trivy security scanning tool used in LiteLLM's release process, allowing them to publish malicious versions 1.82.7 and 1.82.8 on PyPI. These versions contained credential-stealing programs that collected sensitive data and, if a Kubernetes cluster was detected, deployed privileged Pods and implanted persistent backdoors. The attack impacted numerous dependent packages and potentially affected millions of users. The incident highlights the growing risks in AI infrastructure and the need for robust supply chain security measures.

Pulse ID: 69c6d3a930c99b3993018f22
Pulse Link: https://otx.alienvault.com/pulse/69c6d3a930c99b3993018f22
Pulse Author: AlienVault
Created: 2026-03-27 18:59:53

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BackDoor #CyberSecurity #InfoSec #OTX #OpenThreatExchange #PyPI #SupplyChain #bot #AlienVault