litellm supply chain compromise (95M+ downloads) tied to TeamPCP.
• Import-time + .pth execution
• Full credential harvesting
• K8s lateral movement
• Persistent systemd backdoor
Security tools are now prime targets.
Are defenses keeping up?
Source: https://www.endorlabs.com/learn/teampcp-isnt-done
Follow TechNadu for more.

#Infosec #SupplyChainSecurity #PyPI #ThreatIntel