Major compromise of the telnyx PyPI library could put millions of users at risk

TeamPCP strikes again, with almost identical code to LiteLLM.

月間9500万回ダウンのPyPIライブラリーにバックドア 認証情報の窃取 ...

PyPIで公開されているライブラリー「litellm」の特定版に不正コードが混入した。悪用によって認証情報の窃取やK8sへの横展開、永続的なバックドア設置が可能になるという。利用環境の調査および認証情報の更新が強く推奨される。
Dark Reading

TeamPCP Breaches Cloud, SaaS Instances With Stolen Credentials

The threat group's shift to speedy attacks on AWS, Azure, and SaaS instances shows organizations need to respond quickly to ...
OfficeChai

LiteLLM Attack: How a Hacked Security Tool Became a Master Key to Thousands of AI Developer ...

On the morning of March 24, 2026, tens of thousands of software developers working on AI applications were unknowingly exposed to malware.

LangChain framework hit by several worrying security issues — here's what we know

LangChain and LangGraph have patched three high-severity and critical bugs.
Security Boulevard

How GitGuardian Enables Rapid Response to the LiteLLM Supply Chain Attack

Learn how to detect compromise, assess your exposure to the LiteLLM supply chain attack, and use GitGuardian to orchestrate ...