Supply chain attack on LiteLLM: Affected parties should change credentials

An attack on the open-source library for connecting to LLMs has apparently occurred, allowing two compromised packages to ...
PCMag

Decodo vs. IPRoyal: Which Proxy Provider Takes the Lead?

It's a close matchup on paper, but key differences in pricing, proxy scale, and transparency ultimately separate these two ...

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

The hackers compromised GitHub Action tags, then shifted to NPM, Docker Hub, VS Code, and PyPI, and teamed with Lapsus$.