Cloud Threat Landscape
  • Incidents
  • Actors
  • Techniques
  • Defenses
  • Tools
  • Targeted Technologies
  • Posters & Newspapers
  • About
  • RSS
  • STIX
  • Back to wiz.io

Made with 💙 by Wiz

Last Updated: April 3, 2025

Cloud Threat Landscape
/Incidents
Incidents
/
LiteLLM supply chain attack

LiteLLM supply chain attack

Type
Incident
Actors
TeamPCP
Pub. date
March 24, 2026
Initial access
Supply chain vector
Impact
Supply chain attack
Observed techniques
Supply Chain CompromisePublishing trojanized npm packagesPackage hijacking
Targeted technologies
LiteLLMGitHub
References
https://www.wiz.io/blog/threes-a-crowd-teampcp-trojanizes-litellm-in-continuation-of-campaign
Status
Finalized
Last edited
Apr 5, 2026 2:04 PM

Malicious versions of the LiteLLM python package (1.82.7 and 1.82.8) were published on the morning of 24 March 2026. The compromised packages employed two different methods to deliver their payload. The packages were published at approximately 8:30 UTC and quarantined by PyPI at 11:25 UTC. An PyPI advisory has been posted here, identifying an API token exposed via the prior Trivy incident as the root cause.