• [$] The many failures leading to the LiteLLM compromise

    From LWN.net@618:250/24 to All on Sat Mar 28 06:40:09 2026
    LiteLLM is a gateway library providing access to a number of large language models (LLMs); it is popular and widely used. On March 24, the word went out that the version of LiteLLM found in the Python Package Index (PyPI) repository had been compromised with information-stealing malware and downloaded thousands of times, sparking concern across the net. This may look like just another supply-chain attack - and it is - but the way it came about reveals just how many weak links there are in the software supply chains that we all depend on.

    https://lwn.net/Articles/1064693/
    --- SBBSecho 3.37-Linux
    * Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (618:250/24)