Apr 08, 2026 • Bruce Schneier
Python Supply-Chain Compromise
Executive Summary
A critical supply chain compromise has been discovered in the Python Package Index (PyPI), specifically in the litellm package version 1.82.8. The malicious wheel file contains a .pth file (litellm_init.pth) that automatically executes upon Python interpreter startup without requiring any explicit import by the user. This stealthy execution mechanism allows the malicious code to run silently on any system that has the compromised package installed, enabling potential data exfiltration, credential theft, or further system compromise. Organizations using litellm should immediately audit their environments, remove the affected version, and implement supply chain security measures such as SBOMs, SLSA provenance, and SigStore signatures to prevent future incidents.
Summary
This is news: A malicious supply chain compromise has been identified in the Python Package Index package litellm version 1.82.8. The published wheel contains a malicious .pth file (litellm_init.pth, 34,628 bytes) which is automatically executed by the Python interpreter on every startup, without requiring any explicit import of the litellm module. There are a lot of really boring things we need to do to help secure all of these critical libraries: SBOMs, SLSA, SigStore. But we have to do them.
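The reason a .pth file runs without any import is that Python's site module processes every .pth in site-packages at startup and exec()s any line beginning with "import". The audit script below is an added example for this post, not code from Schneier or from the advisory; it lists every .pth file in the interpreter's site-packages directories together with the lines site.py would execute, so a defender can spot a file like litellm_init.pth before it runs again.

```python
"""Audit site-packages .pth files for lines that execute code at startup."""
import os
import site
from typing import Dict, List


def executable_pth_lines(path: str) -> List[str]:
    """Return the lines of one .pth file that site.py would exec()."""
    found = []
    with open(path, encoding="utf-8", errors="replace") as fh:
        for raw in fh:
            line = raw.rstrip("\r\n")
            if not line.strip() or line.startswith("#"):
                continue  # site.py skips blank and comment lines
            # Same test site.py applies: an "import" line is exec()'d,
            # anything else is appended to sys.path as a directory.
            if line.startswith(("import ", "import\t")):
                found.append(line)
    return found


def audit_pth_files(directories: List[str]) -> Dict[str, List[str]]:
    """Map each .pth file under the given directories to its exec()'d lines."""
    report: Dict[str, List[str]] = {}
    for directory in directories:
        if not os.path.isdir(directory):
            continue
        for name in sorted(os.listdir(directory)):
            if name.endswith(".pth"):
                full = os.path.join(directory, name)
                lines = executable_pth_lines(full)
                if lines:  # files with no executable lines are omitted
                    report[full] = lines
    return report


def default_site_dirs() -> List[str]:
    """The site-packages directories this interpreter processes at startup."""
    dirs = list(site.getsitepackages())
    if site.ENABLE_USER_SITE:
        dirs.append(site.getusersitepackages())
    return dirs


if __name__ == "__main__":
    # Review every hit: editable installs also use import lines, but a large
    # one shipped inside a wheel, as litellm_init.pth was, is the pattern above.
    for pth, lines in audit_pth_files(default_site_dirs()).items():
        print(pth, *lines, sep="\n    ")
```

An empty report means no .pth file in the audited directories runs code at interpreter start; a non-empty one is a list to review, not automatically an infection.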