Thankfully the LiteLLM package has now been marked as &#34;quarantined&#34; on PyPI so attempting to install the compromised update via pip et al shouldn&#39;t work

unknown

LiteLLM HAS BEEN COMPROMISED, DO NOT UPDATE. We just discovered that LiteLLM pypi release 1.82.8. It has been compromised, it contains litellm_init.pth with base64 encoded instructions to send all the credentials it can find to remote server + self-replicate. link below

LiteLLM HAS BEEN COMPROMISED, DO NOT UPDATE. We just discovered that LiteLLM pypi release 1.82.8. It has been compromised, it contains litellm_init.pth with base64 encoded instructions to send all the credentials it can find to remote server + self-replicate. link below

Simon Willison's blog offers a mix of technical tutorials, data analysis projects, and reflections on technology and society. With a focus on Python, SQL, and web development, Simon shares insights into building web applications, working with data, and exploring emerging technologies. Developers can learn about data visualization, API design, and software engineering best practices, gaining inspiration and practical knowledge to advance their careers.

Simon Willison

The LiteLLM package on PyPI has been marked as 'quarantined' following a compromised update, preventing users from installing the malicious version via pip or other package managers.

Thankfully the LiteLLM package has now been marked as "quarantined" on PyPI so attempting to install the compromised update via pip et al shouldn't work

Thankfully the LiteLLM package has now been marked as &quot;quarantined&quot; on PyPI so attempting to install the compromised update via pip et al shouldn't work