🚀 Supply Chain Attack Targets PyPI Package LiteLLM with Malicious Code
#SupplyChainAttack #PyPI #LiteLLM #MaliciousCode #CyberSecurity #DataBreach #CloudSecurity #Kubernetes #CryptoSecurity #CI_CD #DatabaseSecurity
A recent supply chain attack has compromised the PyPI package LiteLLM, which is downloaded approximately 97 million times monthly. According to NS3.AI, the malicious version of the package was designed to steal sensitive information, including SSH keys, cloud credentials, Kubernetes files, git credentials, environment variables, cryptocurrency wallets, SSL private keys, CI/CD keys, and database passwords. The attack was short-lived, as the malicious code was available for less than an hour. A bug in the implant led to developer Callum McMahon's machine running out of memory and crashing, inadvertently revealing the attack.
🚀 Malicious LiteLLM Versions on PyPI Downloaded Nearly 47,000 Times in 46 Minutes
#LiteLLM #PyPI #MaliciousVersions #CyberAttack #NS3AI #FutureSearch #PythonSecurity #WalletFiles #Solana #CloudCredentials #TransitiveDependencies #SecurityThreat
Attackers released two harmful versions of LiteLLM on the Python Package Index (PyPI) on March 24. According to NS3.AI, FutureSearch reported that these versions were downloaded 46,996 times within just 46 minutes. Version 1.82.8 included a .pth file that executed with every Python startup. The payload was designed to search for wallet files, Solana validator data, and cloud credentials. LiteLLM advised that installations made during this period, which involved unpinned transitive dependencies, should be considered potentially compromised.
🚀 Mercor Faces Major Security Breach Affecting AI Companies
#Mercor #securitybreach #AIcompanies #OpenAI #Anthropic #Meta #supplychainattack #LiteLLM #TeamPCP #Lapsus #databreach #confidentialdata #forensicinvestigation
A significant security breach has impacted Mercor, a startup providing training data to AI companies such as OpenAI, Anthropic, and Meta. According to ChainCatcher, the incident resulted from a supply chain attack on the open-source library LiteLLM, widely used by developers to connect AI services, with millions of daily downloads.
The attack was initiated by the hacker group TeamPCP, which inserted malicious code into LiteLLM to steal credentials. Subsequently, another hacker group, Lapsus$, claimed to have obtained up to 4TB of Mercor's data, including source code, database records, internal Slack communications, and platform conversation videos. Unverified reports suggest that some customer datasets and confidential AI project information may have been compromised.
Mercor has responded swiftly to contain the situation and has launched a third-party forensic investigation to address the breach.