A popular Python library just became a backdoor to your entire machine

https://www.xda-developers.com/popular-python-library-backdoor-machine/

It's one of the most popular Python libraries for interacting with large language models [...] It has over 40,000 stars on GitHub, and it's an important dependency in a lot of AI tooling. It's also been compromised on PyPI, and the malicious versions are stealing everything they can find on your machine.

Sorry but... 🍿

@Khrys could you just say what the library is instead of vague “a popular Python library”? That page doesn’t load for me
@xarvos @Khrys
> If you use LiteLLM, you need to check your installed version now. Run "pip show litellm" and verify you're not on 1.82.7 or 1.82.8
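
Added example, not part of the thread or the linked article: `pip show litellm` only inspects the active environment, so this sketch goes further and walks a directory tree to find every installed copy of litellm (virtualenvs, user site-packages) and flag the two versions named above. It assumes the package was installed by pip, so a `litellm-<version>.dist-info/METADATA` file exists; the function names are made up for this example.

```python
import os
import sys
from email.parser import Parser

# Versions named as malicious in the quoted advisory on this page.
BAD_VERSIONS = {"1.82.7", "1.82.8"}
PACKAGE = "litellm"


def read_metadata(dist_info_dir):
    """Return (name, version) from a .dist-info/METADATA file, or None."""
    path = os.path.join(dist_info_dir, "METADATA")
    try:
        with open(path, encoding="utf-8", errors="replace") as fh:
            msg = Parser().parse(fh, headersonly=True)
    except OSError:
        return None
    name, version = msg.get("Name"), msg.get("Version")
    if not name or not version:
        return None
    return name.strip().lower().replace("_", "-"), version.strip()


def find_installs(root):
    """Walk root and return [(path, version, is_bad)] for every litellm install."""
    hits = []
    for dirpath, dirnames, _ in os.walk(root):
        for d in list(dirnames):
            if d.lower().startswith(PACKAGE + "-") and d.endswith(".dist-info"):
                full = os.path.join(dirpath, d)
                meta = read_metadata(full)
                if meta and meta[0] == PACKAGE:
                    hits.append((full, meta[1], meta[1] in BAD_VERSIONS))
                dirnames.remove(d)  # no need to descend into the metadata dir
    return sorted(hits)


if __name__ == "__main__":
    # Scan the given roots, or the home directory if none are given.
    roots = sys.argv[1:] or [os.path.expanduser("~")]
    found = [h for r in roots for h in find_installs(r)]
    for path, version, bad in found:
        print(f"{'COMPROMISED' if bad else 'ok':12} {version:10} {path}")
    # Non-zero exit lets CI or a fleet script act on a hit.
    sys.exit(1 if any(bad for _, _, bad in found) else 0)
```

A hit means that environment ran the malicious release, so treat credentials reachable from that machine as exposed rather than only upgrading the package.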