Open-source AI developer tool LiteLLM was compromised by credential-harvesting malware hidden in a software dependency. The project, downloaded up to 3.4 million times daily and with 40K GitHub stars, spread through compromised packages that stole login credentials. Researchers discovered the attack after the malware crashed a developer's machine. https://techcrunch.com/2026/03/26/delve-did-the-security-compliance-on-litellm-an-ai-project-hit-by-malware/ #Tech #Startup #News #AISecurity #LiteLLM