星球日报|3月 25, 2026 00:14
[Litellm, with 97 million monthly downloads, suffers from a supply chain attack, allowing sensitive credentials like SSH keys to be stolen with a simple installation]
Odaily Planet Daily reports that Andrej Karpathy posted on the X platform stating that litellm has been subjected to a PyPI supply chain attack. By simply executing `pip install litellm`, attackers can steal SSH keys, AWS/GCP/Azure credentials, Kubernetes configurations, git credentials, environment variables, crypto wallet keys, SSL private keys, CI/CD keys, and database passwords. Litellm has 97 million monthly downloads, and the risk extends to all projects dependent on litellm, such as dspy. The malicious code-injected version was online for less than an hour before being discovered due to a flaw in the attack code that caused Callum McMahon's machine to run out of memory and crash. Andrej Karpathy stated that supply chain attacks are the most threatening issue in modern software, as every dependency installation could introduce tampered packages deep within the dependency tree. As a result, he is increasingly inclined to reduce dependencies and instead use LLMs to directly implement simple functionalities.
Share To
Timeline
HotFlash
APP
X
Telegram
CopyLink