Heads up: LiteLLM, a very popular AI model wrapper, has been compromised.
-
Heads up: LiteLLM, a very popular AI model wrapper, has been compromised. See the attached issue for details and recommended actions.
[Security]: litellm PyPI package (v1.82.7 + v1.82.8) compromised — full timeline and status · Issue #24518 · BerriAI/litellm
[LITELLM TEAM UPDATES] Compromised packages have been deleted (v1.82.7, v1.82.8) Compromise came from trivvy security scan dependency All maintainer accounts have been rotated (new maintainer accounts: @krrish-berri-2 , @ishaan-berri) Pr...
GitHub (github.com)
-
No kidding, this package is in a lot more places than you might expect. PyPI has removed the package, but versions 1.82.7 and 1.82.8 are affected. Search for them in your environment now.
-
@mttaggart when you check your cluster and the container was on 1.82.6. That was a close one.
-
@varx @mttaggart official containers are thought to be unaffected (as of 16:03 UTC)
-
@RichardoC @varx Yes, based on pinning to earlier versions, per this comment:
[Security]: litellm PyPI package (v1.82.7 + v1.82.8) compromised — full timeline and status · Issue #24518 · BerriAI/litellm
[LITELLM TEAM UPDATES] Compromised packages have been deleted (v1.82.7, v1.82.8) Compromise came from trivvy security scan dependency All maintainer accounts have been rotated (new maintainer accounts: @krrish-berri-2 , @ishaan-berri) Pr...
GitHub (github.com)
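One way to run the search for versions 1.82.7 and 1.82.8 that the thread calls for, as an added example that is not part of any post above or of the LiteLLM project. It assumes installs are visible as standard `dist-info` metadata and that pins use requirements-style `==` lines; the function names and the constructed test install are hypothetical.

```python
import re
import sys
from importlib import metadata
from pathlib import Path

# Versions the thread names as compromised.
AFFECTED = {"1.82.7", "1.82.8"}
# Exact requirements-style pins, e.g. "litellm==1.82.7" or "litellm[proxy]==1.82.8".
PIN_RE = re.compile(r"^\s*litellm(?:\[[^\]]*\])?\s*==\s*([0-9][^\s;#,\\]*)", re.I | re.M)


def installed_hits(search_paths):
    """Return (path, version) for each affected litellm install found on search_paths."""
    hits = []
    for path in search_paths:
        for dist in metadata.distributions(path=[str(path)]):
            try:
                name = (dist.metadata.get("Name") or "").lower()
                version = dist.version
            except Exception:  # unreadable or broken metadata: skip it
                continue
            if name == "litellm" and version in AFFECTED:
                hits.append((str(path), version))
    return hits


def pinned_hits(requirements_text):
    """Return affected versions pinned with == in requirements-style text."""
    return [v for v in PIN_RE.findall(requirements_text) if v in AFFECTED]


def make_constructed_install(site_dir, version):
    """Write a minimal, constructed litellm dist-info (metadata only) for testing."""
    info = Path(site_dir) / f"litellm-{version}.dist-info"
    info.mkdir(parents=True)
    (info / "METADATA").write_text(f"Metadata-Version: 2.1\nName: litellm\nVersion: {version}\n")
    return site_dir


if __name__ == "__main__":
    # Scan this interpreter's import path, then any requirements files given as arguments.
    found = installed_hits(p for p in sys.path if p)
    for req in sys.argv[1:]:
        found += [(req, v) for v in pinned_hits(Path(req).read_text(errors="replace"))]
    for where, version in found:
        print(f"AFFECTED litellm {version}: {where}")
    sys.exit(1 if found else 0)
```

Run it with each interpreter or virtualenv you care about (and inside container images), since it only sees the import path of the Python that executes it; a clean result says nothing about versions that were installed and later replaced.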