Critical Security Alert: Malicious Credential-Stealing File Found in litellm 1.82.8 PyPI Package
By
theanonymousone
Properly proved. Has structure, has flavour, has a point.
Summary
The article reports a critical security vulnerability in the litellm==1.82.8 Python package on PyPI, which contains a malicious .pth file that automatically executes a credential-stealing script whenever Python starts. This supply chain compromise allows attackers to steal credentials without requiring the user to import the package. The malicious file is embedded in the package's official distribution and executes a multi-stage payload that collects system information, establishes persistence, and exfiltrates stolen data to attacker-controlled servers.
Key quotes
· 4 pulledThe litellm==1.82.8 wheel package on PyPI contains a malicious .pth file (litellm_init.pth, 34,628 bytes) that automatically executes a credential-stealing script every time the Python interpreter starts — no import litellm required.
This is a supply chain compromise. The malicious file is listed in the package's own RECORD.
The payload is double base64-encoded. When decoded, it performs the following: Stage 1: Information Collection
This is a critical security vulnerability affecting users who have installed or may install this specific version of the litellm package.
You might also wanna read
GitHub Copilot CLI Vulnerabilities Allow Remote Code Execution and Malware Download
GitHub Copilot CLI has security vulnerabilities that allow remote code execution via indirect prompt injection, enabling malware to be downl
promptarmor.com·3mo ago
Security Researcher Discovers Vulnerabilities in VSCode Extensions and Core Software
A security researcher details their discovery and disclosure of three vulnerabilities in VSCode extensions and one in VSCode itself (CVE-202
blog.trailofbits.com·3mo ago
Analysis of CVE-2025-14986: Temporal's Masked Namespace Vulnerability Enabling Cross-Tenant Security Bypass
The article details CVE-2025-14986, a security vulnerability in Temporal's ExecuteMultiOperation endpoint that allows cross-tenant policy an
depthfirst.com·3mo ago
Notepad++ Update Infrastructure Compromised by State-Sponsored Hackers
Notepad++, a popular text editor, was compromised by state-sponsored hackers who hijacked its update infrastructure to redirect traffic to m
notepad-plus-plus.org·3mo ago
OpenCode AI Coding Agent Hit with Critical Remote Code Execution Vulnerability
OpenCode, a popular open-source AI coding agent, was recently hit with a critical CVE (Common Vulnerabilities and Exposures) that allowed fo
johncodes.com·4mo ago
Heap-Buffer-Overflow Vulnerability Discovered in FFmpeg's EXIF Writer for Image Formats
The article details the discovery of a four-byte heap-buffer-overflow vulnerability in FFmpeg's EXIF writer when processing extra IFD (Image