
LiteLLM Hit in Cascading Supply-Chain Attack


Stolen Credentials From Trivy Breach Let Hackers Push Malware to PyPI

Rashmi Ramesh (rashmiramesh_) • March 26, 2026


A threat actor pushed two malware-laced versions of LiteLLM to the Python Package Index (PyPI), the central repository from which Python developers fetch open-source packages. The packages were downloaded 47,000 times in the 46 minutes before PyPI pulled them down.


LiteLLM is a widely used open-source Python library that allows developers to connect applications to different artificial intelligence model providers through a single interface.

Callum McMahon, a developer at Latent Space, discovered the attack by the hacker group TeamPCP after the malware spawned an uncontrolled chain of processes that crashed his machine. McMahon traced the problem to a rogue package in his local cache and reported it to PyPI's security team and LiteLLM's maintainers. PyPI quarantined the package ...


Copyright of this story belongs to BankInfoSecurity.