This issue report describes a credential-stealing attack buried within LiteLLM
1.82.8 in the PyPI repository. It collects and exfiltrates a wide variety
of information, including SSH keys, credentials for a number of cloud
services, crypto wallets, and so on. Anybody who has installed this
package has likely been compromised and needs to respond accordingly.
Update: see this futuresearch article for some more information. "The release
contains a malicious .pth file (litellm_init.pth) that executes
automatically on every Python process startup when litellm is installed in
the environment."
https://lwn.net/Articles/1064479/
--- SBBSecho 3.37-Linux
* Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (618:250/24)
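
The quoted description turns on how Python's `site` module treats `.pth` files: any line that begins with `import` followed by a space or tab is executed at interpreter startup, while other lines are only added to `sys.path`. The following is an added example, not code from the issue report or from LiteLLM, that lists every such executable line in the current environment's site-packages directories for review; the function names and the sample files in `demo()` are constructed for illustration.

```python
import os
import site
import sysconfig
import tempfile

def executable_pth_lines(path):
    """Return (line_number, text) for each line site.py would exec() in a .pth file."""
    hits = []
    with open(path, "r", encoding="utf-8", errors="replace") as fh:
        for n, line in enumerate(fh, 1):
            # site.py executes lines starting with "import " or "import\t";
            # every other non-comment line is treated as a path entry.
            if line.startswith(("import ", "import\t")):
                hits.append((n, line.rstrip("\r\n")))
    return hits

def scan_dirs(dirs):
    """Map each .pth file containing executable lines to those lines."""
    findings = {}
    for d in dirs:
        if not os.path.isdir(d):
            continue
        for name in sorted(os.listdir(d)):
            if name.endswith(".pth"):
                full = os.path.join(d, name)
                hits = executable_pth_lines(full)
                if hits:
                    findings[full] = hits
    return findings

def default_site_dirs():
    """Site-packages directories of the running interpreter (system, venv, user)."""
    paths = sysconfig.get_paths()
    dirs = {paths["purelib"], paths["platlib"]}
    dirs.update(getattr(site, "getsitepackages", lambda: [])())
    user = getattr(site, "getusersitepackages", lambda: None)()
    if user:
        dirs.add(user)
    return sorted(dirs)

def demo():
    """Constructed sample: one path-only .pth file and one that runs code."""
    with tempfile.TemporaryDirectory() as d:
        with open(os.path.join(d, "paths_only.pth"), "w") as fh:
            fh.write("# comment\n../extra_lib\n")
        with open(os.path.join(d, "runs_code.pth"), "w") as fh:
            fh.write("../lib\nimport sys; sys.stdout.write('')\n")
        return {os.path.basename(p): h for p, h in scan_dirs([d]).items()}

if __name__ == "__main__":
    for path, hits in scan_dirs(default_site_dirs()).items():
        for n, text in hits:
            print(f"{path}:{n}: {text[:120]}")
```

A hit is not proof of compromise: some legitimate tooling (for example setuptools' `distutils-precedence.pth`) also uses executable `.pth` lines, so each reported file should be traced back to the package that installed it.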