Sup hackers.
The supply chain is on fire right now.
On March 24, 2026, two versions of the litellm Python package on PyPI (1.82.7 and 1.82.8) were found to contain malicious code. LiteLLM, if you're not familiar, is one of the most common libraries in the AI dev stack.
As organizations rapidly adopt AI technologies, the surrounding software supply chain is becoming an increasingly attractive attack surface. Components like litellm occupy a central position in the AI stack, handling sensitive data and credentials that connect applications to external services.
The crazy is part is how LiteLLM got compromised. A maintainer of LiteLLM did the right thing: he used a security tool. Trivy, to be specific. Unfortunately for him and Trivy, the tool had also been compromised. A hacked version of Trivy was used in a security run to secure LiteLLM, eventually compromising the PyPi publish token.
Your security tooling is now part of your attack surface too. Your scanners, your linters, your CI actions: they're trusted, they run with elevated privileges, and they're often maintained by small teams. Juicy targets for supply chain attacks.
The payload was a three-stage attack: a credential harvester sweeping SSH keys, cloud credentials, Kubernetes secrets, cryptocurrency wallets, and .env files; a Kubernetes lateral movement toolkit deploying privileged pods to every node; and a persistent systemd backdoor polling a C2 server for additional binaries.
The compromised versions were available on PyPI for at least two hours. Given the package's three million daily downloads, the exposure window was pretty significant.
If you installed LiteLLM in the last 48 hours, it's smart to assume some level of credential compromise. Rotate all credentials (keys, passwords, tokens) that were present as environment variables or in config files on any system where the affected versions were installed. Revert to LiteLLM 1.82.6 or earlier.
Stay sharp out there!
Happy hacking,
Low Level
P.S., in the era of AI everything, learning the fundamentals of how computers work is more important than ever. The best way to do that and stand out from the crowd is learning to code in C. check out my course for more info.
