LiteLLM PyPI packages compromised in expanding TeamPCP supply chain attacks

2026-03-25 14:03

A slew of supply chain attacks against popular open source tools and packages appears to have been orchestrated by TeamPCP, a cybercriminal group that rose to prominence in late 2025. The latest victim of the group is BerryAI’s popular LiteLLM library, a unified interface that makes it easier for apps to switch between various LLMs: on March 24, TeamPCP uploaded two compromised versions (1.82.7 and 1.82.8) on PyPI that included a credential stealer and a … More →

The post LiteLLM PyPI packages compromised in expanding TeamPCP supply chain attacks appeared first on Help Net Security.

This article has been indexed from Help Net Security

Read the original article:

LiteLLM PyPI packages compromised in expanding TeamPCP supply chain attacks

← TeamPCP Expands Supply Chain Campaign With LiteLLM PyPI Compromise

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI →

LiteLLM PyPI packages compromised in expanding TeamPCP supply chain attacks

Read the original article:

Like this:

Related

Read the original article:

Share this:

Like this:

Related

Post navigation