[Security]: CRITICAL: Malicious litellm_init.pth in litellm 1.82.8 PyPI package — credential stealer Summary The litellm==1.82.8 wheel package on PyPI contains a malicious .pth file (litellm_init.pth, 34,628 bytes) that automatically exe...

Hacker News is a community-driven platform for sharing and discussing technology news, startups, and programming-related topics. Through user submissions and comments, Hacker News offers insights into emerging technology trends, industry developments, and entrepreneurial ventures. Readers can participate in discussions, share their insights, and stay informed about the latest advancements in technology and innovation.

Hacker News

A critical security vulnerability was discovered in litellm version 1.82.8 on PyPI. The wheel package contains a malicious .pth file (litellm_init.pth) that automatically executes a credential-stealing script every time Python starts — no import required. The payload is double base64-encoded and performs extensive data collection including environment variables, SSH keys, AWS/GCP/Azure credentials, Kubernetes configs, Docker configs, shell history, crypto wallets, and CI/CD secrets. Collected data is AES-256 encrypted, RSA-wrapped, and exfiltrated to an attacker-controlled domain (models.litellm.cloud). Anyone who installed this version should immediately rotate all credentials and check for the malicious .pth file in their site-packages directory.

Issue · GitHub