Find notable cyber news and cases, enriched with sources, timelines, and signals.

LiteLLM Python package hit by network compromise linked to TeamPCP

Incident
First reported
Last updated
Happening score
H score 60
2 unique sources, 2 articles

Summary

Hide ▲

The LiteLLM Python package was compromised on PyPI after attackers published malicious 1.82.7 and 1.82.8 releases, putting downstream installs at risk of credential theft and persistence. The compromise is linked to TeamPCP, and the payload executes when the package is imported. The malware drops an infostealer that can harvest SSH keys, cloud tokens, Kubernetes secrets, and other sensitive data. Version 1.82.8 also adds a .pth file and a systemd service to widen execution and maintain access.

Related Happenings

Operation Navy Ghost PyPI supply-chain campaign

Campaign
H score26 First: 01.07.2026 00:02 Last: 01.07.2026 00:02 Sources 1

About this happening: The **Operation Navy Ghost** campaign has targeted **Python developers** building **Telegram bots** through trojanized **Pyrogram forks**, creating a supply-chain path to compromi...

Hades Bun-powered JavaScript stealer on PyPI

Malware Activity
H score34 First: 09.06.2026 12:13 Last: 09.06.2026 12:13 Sources 1

About this happening: A new **Hades** PyPI malware wave uses a **Python startup hook** to launch a **Bun-powered JavaScript stealer**, putting developer and CI/CD credentials at risk. The payload can h...

BerriAI LiteLLM actively exploited command injection (CVE-2026-42271)

Vulnerability
H score51 First: 09.06.2026 09:26 Last: 09.06.2026 09:26 Sources 1

About this happening: **CVE-2026-42271** in **BerriAI LiteLLM** was added to CISA's **KEV catalog** after evidence of **active exploitation**, creating remote command-execution risk for affected proxy...

Shai-Hulud supply-chain campaign spreading via stolen CI/CD credentials

Campaign
H score56 First: 12.05.2026 14:29 Last: 12.05.2026 14:29 Sources 1

About this happening: The **Shai-Hulud** **supply-chain campaign** now includes a fresh **PyPI** wave that compromised **19 packages** across **37 malicious releases**, with popular bioinformatics tool...

PyTorch Lightning hit by network compromise

Incident
H score36 First: 04.05.2026 20:15 Last: 04.05.2026 20:15 Sources 1

About this happening: A **malicious PyTorch Lightning release** on **PyPI** created a supply-chain compromise that can steal credentials as soon as the package is imported. The backdoored **version 2.6...

Timeline

  1. 25.03.2026 00:29 2 articles · 3mo ago

    Malicious LiteLLM releases deploy import-time infostealer

    Technical Analysis Update

    Threat actors compromised the LiteLLM project on PyPI and published malicious versions 1.82.7 and 1.82.8 that execute a hidden base64 payload when litellm/proxy/proxy_server.py is imported. Version 1.82.8 also drops litellm_init.pth so the code can run when Python starts, and the payload installs TeamPCP Cloud Stealer, a persistence script, and a systemd user service that supports encrypted exfiltration to models.litellm[.]cloud.

    Show sources
  2. 25.03.2026 00:29 1 articles · 3mo ago

    TeamPCP-linked LiteLLM PyPI compromise publicly disclosed

    Initial Disclosure

    TeamPCP is linked to the LiteLLM PyPI compromise and to the earlier Aqua Security Trivy vulnerability scanner breach, with cascading compromises reaching Aqua Security Docker images, Checkmarx KICS project, and LiteLLM. The attack was claimed to have stolen data from hundreds of thousands of devices, and exposed credentials were urged to be rotated immediately.

    Show sources