Forcepoint details TeamPCP supply chain attack that turned LiteLLM into a credential stealer

A new report out today from cybersecurity company Forcepoint LLC’s X-Labs research team details a supply chain attack that ...
GIGAZINE

The AI library 'LiteLLM,' which has over 40,000 GitHub stars, was subjected to a supply chain attack, resulting in the distribution of a malware version. Users' SSH keys and ...

LiteLLM ' was subjected to a supply chain attack, and it has been discovered that a malware version containing malicious modifications was temporarily distributed. It has also been found that the ...

Four AI supply-chain attacks in 50 days exposed the release pipeline red teams aren't covering

Four supply-chain attacks hit OpenAI, Anthropic, and Meta in 50 days — none inside the model. A 7-row matrix maps what AI ...
TechCrunch

Silicon Valley’s two biggest dramas have intersected: LiteLLM and Delve

This is one of those Silicon Valley real-life episodes that seem pulled from the HBO satire show. This week, some really atrocious malware was discovered in an open source project developed by Y ...

Meta Pauses Work With Mercor After LiteLLM-Linked Data Breach

Meta has paused work with Mercor after a LiteLLM-linked security breach, raising new concerns about AI vendor risk and ...
Bleeping Computer

Latest Authentication Tokens news

Over a dozen companies have suffered data theft attacks after a SaaS integration provider was breached and authentication tokens stolen. The TeamPCP hacking group continues its supply-chain rampage, ...