#yebuo
"Software horror: litellm PyPI supply chain attack.
Simple `pip install litellm` was enough to exfiltrate SSH keys, AWS/GCP/Azure creds, Kubernetes configs, git credentials, env vars (all your API keys), crypto wallets, SSL private keys, CI/CD secrets, ... passwords."
#ooops #grubo #jprdl
x.com/karpathy/statu...

Andrej Karpathy (@karpathy) on X
Software horror: litellm PyPI supply chain attack. Simple `pip install litellm` was enough to exfiltrate SSH keys, AWS/GCP/Azure creds, Kubernetes configs, git credentials, env vars (all your API keys), shell history, crypto wallets, SSL private keys, CI/CD secrets, database