You never typed pip install litellm. CrewAI did it for you. On March 24, that silent dependency stole AWS keys, SSH creds, and K8s tokens from every Python process for 5 hours. The fix existed since 2023. 95M monthly downloads. Nobody applied it. #OpenSource #Cybersecurity
I wrote about the full TeamPCP attack chain, from poisoned Trivy to LiteLLM to credential theft, and what it means for every AI team building with Python: https://www.canartuc.com/95-million-downloads-poisoned-by-its-own-security-scanner/
95 Million Downloads. Poisoned by Its Own Security Scanner.

You never installed LiteLLM. CrewAI did. For 5 hours on March 24, every Python process on your machine was stealing your AWS keys, SSH credentials, and Kubernetes tokens.

Can Artuc
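The practical check behind the post is reverse dependency resolution: for a package you never asked for, which of the things you did install dragged it in? The script below is an added example, not code from the linked article or from the CrewAI or LiteLLM projects. It walks the Requires-Dist metadata of every installed distribution (standard library only, importlib.metadata) and prints every chain root -> ... -> target, where a root is a package nothing else depends on, i.e. something a human or a requirements file installed directly. The SAMPLE_GRAPH is constructed for illustration and only mirrors the post's claim that crewai pulls in litellm; it is not the real dependency tree of either project.

```python
"""Reverse-dependency audit: which installed package pulled a given
distribution into this environment, and through which chain?

Added example (not from the article or either project). Assumes only the
Python standard library. SAMPLE_GRAPH is constructed test data."""
from __future__ import annotations

import re
import sys
from importlib import metadata

# A Requires-Dist string looks like "litellm>=1.0; python_version >= '3.9'"
# or "crewai-tools[pdf]>=0.1". Only the leading distribution name matters.
_NAME_RE = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)")


def normalize(name: str) -> str:
    """PEP 503 name normalisation: lower-case, runs of -_. become '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()


def requirement_name(req: str) -> str | None:
    """Extract the normalised distribution name from a requirement string."""
    m = _NAME_RE.match(req)
    return normalize(m.group(1)) if m else None


def installed_graph() -> dict[str, set[str]]:
    """Map each installed distribution to the names it declares in Requires-Dist.
    Extras and environment markers are deliberately ignored: an optional
    dependency that is installed runs with exactly the same privileges."""
    graph: dict[str, set[str]] = {}
    for dist in metadata.distributions():
        raw_name = dist.metadata["Name"] if dist.metadata else None
        if not raw_name:
            continue  # broken or partially removed dist-info directory
        reqs = dist.requires or []
        graph[normalize(raw_name)] = {n for n in map(requirement_name, reqs) if n}
    return graph


def dependents(graph: dict[str, set[str]], target: str) -> list[str]:
    """Direct reverse dependencies: packages whose Requires-Dist names target."""
    t = normalize(target)
    return sorted(pkg for pkg, reqs in graph.items() if t in reqs)


def chains_to(graph: dict[str, set[str]], target: str, max_depth: int = 10) -> list[list[str]]:
    """Every chain root -> ... -> target. A root has no dependents in the
    environment, so it is what you (or your requirements file) installed.
    A chain of length 1 means target itself was installed directly."""
    results: list[list[str]] = []

    def walk(node: str, path: list[str]) -> None:
        if node in path or len(path) >= max_depth:
            return  # cycle guard / runaway depth
        path = path + [node]
        parents = dependents(graph, node)
        if not parents:
            results.append(list(reversed(path)))
            return
        for parent in parents:
            walk(parent, path)

    walk(normalize(target), [])
    return results


# Constructed sample graph for offline use. It reflects the post's point that
# crewai declares litellm as a dependency; everything else here is made up.
SAMPLE_GRAPH: dict[str, set[str]] = {
    "my-agent-app": {"crewai-tools", "fastapi"},
    "crewai-tools": {"crewai"},
    "crewai": {"litellm", "pydantic"},
    "litellm": {"openai", "tiktoken"},
    "fastapi": {"pydantic"},
    "openai": set(),
    "pydantic": set(),
    "tiktoken": set(),
}


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "litellm"
    live = installed_graph()
    if normalize(target) not in live:
        print(f"{target}: not installed in this interpreter")
    else:
        for chain in chains_to(live, target):
            print(" -> ".join(chain))
```

Run it as `python revdeps.py litellm` inside each virtualenv you care about (it only sees the interpreter it runs under, so CI images and developer machines need separate runs). A chain whose root you do not recognise, or a target that appears as its own root when you never installed it, is exactly the silent install the post describes; follow up with `pip show -f <name>` to see which files the distribution dropped, since credential-stealing payloads need a hook (a `.pth` file or an import-time side effect) to execute in every process.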