Vito Botta

LiteLLM just got hit by a supply chain attack. 95M monthly downloads, and two versions (1.82.7 and 1.82.8) had credential-stealing code slipped in.

The attack path is worth noting. The attackers compromised Trivy, a vulnerability scanner used in LiteLLM's CI/CD pipeline.

1/2

Mar 24 at 7:54pmWeb
Show threadVito Botta2d ago

They grabbed the PyPI publishing token from an .env file and pushed malicious code.

The fix? Pin your GitHub Actions to specific commits, not version tags. And maybe stop putting secrets in .env files....

If you pulled either of those versions, rotate your credentials now.

2/2