LiteLLM and Telnyx compromised on PyPI: Tracing the TeamPCP supply chain campaign
3mo ago
Source
DatadogLiteLLM and Telnyx compromised on PyPI: Tracing the TeamPCP supply chain campaigndatadoghq.comOn March 24 and 27, 2026, malicious PyPI releases of LiteLLM and Telnyx were published as part of the TeamPCP supply chain campaign. We trace the full campaign from Trivy through npm, Checkmarx, and into PyPI.
You might also wanna read
Real-Time Investigation of LiteLLM 1.82.8 PyPI Supply Chain Attack on March 24, 2026
This article documents a real-time investigation and response to the LiteLLM 1.82.8 supply chain attack on March 24, 2026. It presents a min

How a Poisoned Security Scanner Became the Key to Backdooring LiteLLM
Snyk·3mo ago
PyPI Package 'Lightning' Compromised in Supply Chain Attack Affecting AI/ML Developers
The PyPI package 'lightning', a widely-used deep learning framework, was compromised in a supply chain attack affecting versions 2.6.2 and 2
PyPI Supply Chain Attacks Expand: New Malicious Packages Target Bioinformatics and MCP Developers
Socket Threat Research team identified a new wave of PyPI supply chain attacks (Mini Shai-Hulud, Miasma, and Hades) that has expanded beyond

June 2026: FortiBleed Cracks Fortinet Firewalls, Supply Chain Worms Hit npm and PyPI
SOCRadar·5d ago
Trivy Security Tool Supply Chain Compromised by Threat Actor in March 2026
A threat actor compromised the Trivy ecosystem supply chain in March 2026, using stolen credentials to publish malicious releases of Trivy v

Comments
Sign in to join the conversation.
No comments yet. Be the first.