My minute-by-minute response to the LiteLLM malware attack
https://futuresearch.ai/blog/litellm-attack-transcript/
My minute-by-minute response to the LiteLLM malware attack
The full Claude Code transcript from discovering and responding to the litellm 1.82.8 PyPI supply chain attack on March 24, 2026 — from mysterious process explosions to malware identification to public disclosure.
GitHub, npm, PyPi, and other package registries should consider exposing a firehose to allow people to do realtime security analysis of events. There are definitely scanners that would have caught this attack immediately, they just need a way to be informed of updates.
Fibonar