fromThe Hacker News1 week agoInformation securityTeamPCP Backdoors LiteLLM Versions 1.82.7-1.82.8 Likely via Trivy CI/CD CompromiseTeamPCP compromised the litellm Python package, embedding malicious versions that include a credential harvester and a persistent backdoor.
fromCSO Online9 months agoInformation securityMalicious PyPI package targets Chimera users to steal AWS tokens, CI/CD secretsA malicious Python package on PyPI targets sensitive corporate credentials, posing significant risks to software supply chains.
Information securityfromThe Hacker News1 week agoTeamPCP Backdoors LiteLLM Versions 1.82.7-1.82.8 Likely via Trivy CI/CD CompromiseTeamPCP compromised the litellm Python package, embedding malicious versions that include a credential harvester and a persistent backdoor.
fromCSO Online9 months agoInformation securityMalicious PyPI package targets Chimera users to steal AWS tokens, CI/CD secrets
