If you’re doing AI/LLM development in Python, you’ve almost certainly used litellm —it’s the package that unifies calls to OpenAI, Anthropic, Cohere, etc. It has 97 million downloads per month . Yesterday, a malicious version (1.82.8) was uploaded to PyPI. For about an hour, simply running pip install litellm (or installing any package that depends on it, like DSPy ) would exfiltrate: SSH keys AWS/GCP/Azure credentials Kubernetes configs Git credentials & shell history All environment variables (API keys, secrets) Crypto wallets SSL private keys CI/CD secrets The attack was discovered by chance when a user’s machine crashed. Andrej Karpathy called it “the scariest thing imaginable in modern software.” If you installed any Python packages yesterday (especially DSPy or any litellm-dependent tool), assume your credentials are compromised and rotate everything. The malicious version is gone, but the damage may already be done. Full breakdown with how to check, what to rotate, and how to protect yourself: submitted by /u/Remarkable-Dark2840
Originally posted by u/Remarkable-Dark2840 on r/ArtificialInteligence