A critical security vulnerability was discovered in litellm version 1.82.8 on PyPI. The wheel package contains a malicious .pth file (litellm_init.pth) that automatically executes a credential-stealing script every time Python starts — no import required. The payload is double base64-encoded and performs extensive data

From github.com
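
The startup behaviour described above comes from Python's `site` module, which executes any line in a site-packages `.pth` file that begins with `import`. The following added example, which is not code from the original report or from the litellm project, lists such lines and flags the ones matching a heuristic token list; the token list, function names and sample files are assumptions constructed here.

```python
import re
import tempfile
from pathlib import Path

# Heuristic tokens that rarely belong in a legitimate .pth line (assumption of this example).
SUSPICIOUS = re.compile(
    r"base64|exec\s*\(|eval\s*\(|compile\s*\(|subprocess|os\.system|urllib|socket"
)

def executable_pth_lines(pth_file):
    """Return (line_no, text) for each line site.py would exec() at interpreter startup."""
    text = Path(pth_file).read_text(encoding="utf-8", errors="replace")
    hits = []
    for no, line in enumerate(text.splitlines(), 1):
        # site.py executes only lines starting with "import" + space or tab;
        # other non-comment lines are treated as sys.path entries.
        if line.startswith(("import ", "import\t")):
            hits.append((no, line))
    return hits

def scan(directories):
    """Scan each directory's top-level *.pth files and report executable lines."""
    findings = []
    for d in directories:
        for pth in sorted(Path(d).glob("*.pth")):
            for no, line in executable_pth_lines(pth):
                findings.append({
                    "file": pth.name,
                    "line": no,
                    "suspicious": bool(SUSPICIOUS.search(line)),
                    "preview": line[:80],
                })
    return findings

def demo():
    """Constructed sample files; they are only read, never executed."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "plain_paths.pth").write_text("# comment\n../src\n")
        (root / "namespace_pkg.pth").write_text("import sys; sys.path.insert(0, 'vendor')\n")
        # 'cGFzcw==' decodes to the harmless statement "pass"
        (root / "constructed_loader.pth").write_text("import base64; exec(base64.b64decode('cGFzcw=='))\n")
        return scan([root])

if __name__ == "__main__":
    import site
    dirs = site.getsitepackages() + [site.getusersitepackages()]
    for finding in scan(d for d in dirs if Path(d).is_dir()):
        print(finding)
```

Run directly, it audits the current interpreter's site-packages directories; any unexpected `.pth` file with an executable line deserves manual review even when the heuristic does not flag it.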