A popular Python library just became a backdoor to your entire machine
-
@Khrys Wow. That's a gnarly one. I wonder how bad it is going to hit companies deep in LLM mania.
@mayintoronto @Khrys I heard some "I hope we're not using this" remarks about this today.
Hope.
-
A popular Python library just became a backdoor to your entire machine
Supply chain attacks feel like they're becoming more and more common.
XDA (www.xda-developers.com)
It's one of the most popular Python libraries for interacting with large language models [...] It has over 40,000 stars on GitHub, and it's an important dependency in a lot of AI tooling. It's also been compromised on PyPI, and the malicious versions are stealing everything they can find on your machine.
Sorry but...

@Khrys Wait, what? Python has a place you can install the Python equivalent of LD_PRELOAD code that gets injected into every program, and packages from their package manager can just drop stuff in there? Who came up with that shit and why isn't it fixed??
-
@Khrys I was looking for this take today though I didn't look hard because I have other things to do. But I definitely need a big bag of
. -
@dalias @Khrys it's a hook from the 'site' module, which is what implements support for user installable package locations, and can be disabled completely. if your threat model allows malware to be installed to those locations, you are already compromised anyway. the hook isn't great sure - it's an old design that's difficult to replace without major downstream breakage - but there are many other ways you can amplify the attack, regardless.
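The `site` hook discussed in the exchange above, as an added example that is not part of either post or of the linked article: at startup `site` reads `.pth` files in the package directories and executes any line that begins with `import` followed by a space or tab. This sketch lists such lines so they can be reviewed; the function names and the sample files are constructed for illustration.

```python
import os
import site
import sysconfig
import tempfile


def executable_pth_lines(directory):
    """Return (file, line number, text) for every .pth line that site would exec()."""
    hits = []
    try:
        names = sorted(os.listdir(directory))
    except OSError:
        return hits  # directory missing or unreadable
    for name in names:
        if not name.endswith(".pth"):
            continue
        try:
            with open(os.path.join(directory, name), encoding="utf-8", errors="replace") as fh:
                for lineno, line in enumerate(fh, 1):
                    # site.py executes lines that start with "import" plus a space or tab;
                    # every other non-comment line is only treated as a path entry.
                    if line.startswith(("import ", "import\t")):
                        hits.append((name, lineno, line.rstrip()))
        except OSError:
            continue
    return hits


def site_directories():
    """Directories this interpreter scans for .pth files (system and per-user)."""
    dirs = {sysconfig.get_paths()["purelib"], sysconfig.get_paths()["platlib"]}
    dirs.update(getattr(site, "getsitepackages", lambda: [])())
    dirs.add(site.getusersitepackages())
    return sorted(dirs)


def demo():
    """Run the audit on a constructed directory: one path-only file, one import line."""
    with tempfile.TemporaryDirectory() as tmp:
        with open(os.path.join(tmp, "constructed_paths.pth"), "w") as fh:
            fh.write("# constructed sample\n/opt/example/lib\n")
        with open(os.path.join(tmp, "constructed_hook.pth"), "w") as fh:
            fh.write("# constructed sample\nimport sys\n")
        return executable_pth_lines(tmp)


if __name__ == "__main__":
    for d in site_directories():
        for hit in executable_pth_lines(d):
            print(d, *hit)
```

Legitimate packages also ship `import` lines in `.pth` files, so each hit is something to review against what the package is expected to install, not proof of compromise.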
-
@Khrys seriously, guys, don't use LLM, it is not worth it. Any savings you imagine are offset by security problems, anxiety, worries of unethical use, e.g.
-
@peteriskrisjanis @Khrys Even Linux uses it now... https://hachyderm.io/@ell1e/116285351290767548 trying to understand on what grounds the LF thinks this is safe, feel free to jump in or boost.
-
@Khrys @pluralistic Many systems have equally enormous attack surfaces, but Python probably stands head and shoulders above, due to ubiquity.
-
@jeffmcneill @Khrys @pluralistic it is a mad race with Node…
-
@Khrys LiteLLM v. 1.82.8
saved everyone a click -
@lenotaire @Khrys wtf is clickbait in that? This is a good writeup what is happening, how it is happening, who is targeted, names the affected lib in the very first sentence and shows how to figure out if it is installed.
Yes this is
but clickbait?? -
@bekopharm @Khrys The tut said "A popular Python library" and "It's one of the most popular Python libraries for interacting with large language models". No mention at all of "litellm" until opening the link. That's why I called it a clickbait