Supply Chain Attack: Malicious PyPI Packages
Essential information
- Published
- 25/03/2026 10:38
- Modified
- 27/03/2026 00:08
- Tags
- 2026-03-25 cloud security litellm pypi supply chain attack
- Related entities
- 1 observables, 1 intrusion sets (apt), 12 techniques (mitre), 2 others
Description
TeamPCP has launched a supply chain attack targeting LiteLLM, an open-source Python library used in 36% of cloud environments. Malicious versions 1.82.7 and 1.82.8 were published on PyPI, employing sophisticated techniques for payload delivery and persistence. The compromised packages exploit Python's .pth mechanism for stealthy execution across any Python process. The malware collects sensitive data including API keys, cloud credentials, and CI/CD secrets, encrypting and exfiltrating them to attacker-controlled domains. This attack follows TeamPCP's previous compromises of Aqua Security's Trivy and Checkmarx tools, highlighting an ongoing campaign against the open-source ecosystem. The incident underscores the potential for widespread impact and the need for vigilance in software supply chain security.