Malicious PyPI Package - LiteLLM Supply Chain Compromise

A malicious supply chain attack has been discovered in the Python Package Index package litellm version 1.82.8. The compromised package contains a malicious .pth file that executes automatically when the Python interpreter starts, without requiring explicit import. This file, located in site-packages/, exfiltrates sensitive information including environment variables, SSH keys, and cloud credentials to an attacker-controlled server. The payload is double base64-encoded to evade basic static analysis. PyPI administrators have quarantined the project to limit its spread. Users are advised to check for the malicious file, rotate all potentially exposed credentials, and audit their PyPI publishing process. The attack is attributed to TeamPCP and is actively exploited in the wild.

Pulse ID: 69c3bb2520934c9e0b4e5dca
Pulse Link: https://otx.alienvault.com/pulse/69c3bb2520934c9e0b4e5dca
Pulse Author: AlienVault
Created: 2026-03-25 10:38:29

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Cloud #CyberSecurity #InfoSec #OTX #OpenThreatExchange #PyPI #Python #RAT #SSH #SupplyChain #Troll #bot #AlienVault

Supply Chain Attack: Malicious PyPI Packages

TeamPCP has launched a supply chain attack targeting LiteLLM, an open-source Python library used in 36% of cloud environments. Malicious versions 1.82.7 and 1.82.8 were published on PyPI, employing sophisticated techniques for payload delivery and persistence. The compromised packages exploit Python's .pth mechanism for stealthy execution across any Python process. The malware collects sensitive data including API keys, cloud credentials, and CI/CD secrets, encrypting and exfiltrating them to attacker-controlled domains. This attack follows TeamPCP's previous compromises of Aqua Security's Trivy and Checkmarx tools, highlighting an ongoing campaign against the open-source ecosystem. The incident underscores the potential for widespread impact and the need for vigilance in software supply chain security.

Pulse ID: 69c3bb29c62248c6ffd0b50c
Pulse Link: https://otx.alienvault.com/pulse/69c3bb29c62248c6ffd0b50c
Pulse Author: AlienVault
Created: 2026-03-25 10:38:33

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Cloud #CyberSecurity #InfoSec #Malware #OTX #OpenThreatExchange #PyPI #Python #RAT #RCE #SupplyChain #Troll #bot #AlienVault

Widespread GitHub Actions Tag Compromise Exposes CI/CD Secrets

A new supply chain attack targeting Trivy has compromised 75 out of 76 version tags in the aquasecurity/trivy-action GitHub repository. The attacker force-pushed these tags to serve malicious payloads, effectively turning trusted version references into a distribution mechanism for an infostealer. The malicious code executes within GitHub Actions runners, targeting sensitive data in CI/CD environments. It harvests secrets from runner process memory and the filesystem, encrypts the collected data, and exfiltrates it to an attacker-controlled endpoint or a fallback GitHub-based channel. The attack's scope is significant, potentially affecting over 10,000 workflow files on GitHub referencing this action.

Pulse ID: 69bd18a7cc27dfdfaf6f56a4
Pulse Link: https://otx.alienvault.com/pulse/69bd18a7cc27dfdfaf6f56a4
Pulse Author: AlienVault
Created: 2026-03-20 09:51:35

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#ASEC #CyberSecurity #Endpoint #GitHub #InfoSec #InfoStealer #OTX #OpenThreatExchange #RAT #RCE #Rust #SupplyChain #Troll #bot #AlienVault

Killed my first troll! (this run)

#Valheim #Troll