Forcepoint details TeamPCP supply chain attack that turned LiteLLM into a credential stealer

A new report out today from cybersecurity company Forcepoint LLC’s X-Labs research team details a supply chain attack that ...
GIGAZINE

The AI library 'LiteLLM,' which has over 40,000 GitHub stars, was subjected to a supply chain attack, resulting in the distribution of a malware version. Users' SSH keys and ...

LiteLLM ' was subjected to a supply chain attack, and it has been discovered that a malware version containing malicious modifications was temporarily distributed. It has also been found that the ...
TechCrunch

Mercor says it was hit by cyberattack tied to compromise of open source LiteLLM project

Mercor, a popular AI recruiting startup, has confirmed a security incident linked to a supply chain attack involving the open source project LiteLLM. The AI startup told TechCrunch on Tuesday that it ...

Four AI supply-chain attacks in 50 days exposed the release pipeline red teams aren't covering

Four supply-chain attacks hit OpenAI, Anthropic, and Meta in 50 days — none inside the model. A 7-row matrix maps what AI ...
Bleeping Computer

Latest Authentication Tokens news

Over a dozen companies have suffered data theft attacks after a SaaS integration provider was breached and authentication tokens stolen. The TeamPCP hacking group continues its supply-chain rampage, ...
Hosted on MSN

Silicon Valley’s two biggest dramas have intersected: LiteLLM and Delve

This is one of those Silicon Valley real-life episodes that seems pulled from the HBO satire show. This week, some really atrocious malware was discovered in an open source project developed by Y ...