The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in BerriAI LiteLLM to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in BerriAI LiteLLM, tracked as CVE-2026-42208 (CVSS score of 9.3), to its Known Exploited Vulnerabilities (KEV) catalog. At the end of April, attackers rapidly exploited the critical…
Tag: LiteLLM
AI, Endpoint, Exploits, Global Security News
CVE-2026-42208: LiteLLM bug exploited 36 hours after its disclosure
Attackers quickly exploited a critical LiteLLM flaw (CVE-2026-42208) to access and modify sensitive database data via SQL injection. Attackers rapidly exploited a critical vulnerability in LiteLLM Python package, tracked as CVE-2026-42208, just days after it became public. The vulnerability, an SQL injection in the proxy API key verification process, lets attackers access and potentially modify database…
Exploits, Global Security News
Hackers are exploiting a critical LiteLLM pre-auth SQLi flaw
Hackers are targeting sensitive information stored in the LiteLLM open-source large-language model (LLM) gateway by exploiting a critical vulnerability tracked as CVE-2026-42208. […]
AI, Data Breaches, Global Security News
AI Firm Mercor Confirms Breach as Hackers Claim 4TB of Stolen Data
AI firm Mercor confirms a breach linked to a LiteLLM supply chain attack, as hackers claim to have stolen 4TB of sensitive data and internal systems.
AI, Apps, Data Breaches, Endpoint, Global Security News, malware, Network Security, Risk Management
SentinelOne autonomous detection blocks trojaned LiteLLM triggered by Claude Code
SentinelOne AI stopped a LiteLLM supply chain attack in seconds, blocking malicious code automatically without human intervention. SentinelOne’s AI-based security detected and blocked a supply chain attack involving a compromised LiteLLM package. SentinelOne’s macOS agent detected and stopped a malicious process chain triggered by Claude Code after it unknowingly installed a compromised LiteLLM package. The…
AI, Global Security News
TeamPCP’s Telnyx Attack Marks a Shift in Tactics Beyond LiteLLM
Moving beyond their LiteLLM campaign, TeamPCP weaponizes the Telnyx Python SDK with stealthy WAV‑based payloads to steal credentials across Linux, macOS, and Windows.
Global Security News, malware
TeamPCP Expands Supply Chain Campaign With LiteLLM PyPI Compromise
Python package LiteLLM compromised with credential-stealing malware linked to TeamPCP threat group
AI, Global Security News
TeamPCP Hits Trivy, Checkmarx, and LiteLLM in Credential Theft Campaign
Hackers compromised Trivy, Checkmarx, and LiteLLM in a supply chain attack, stealing cloud credentials, tokens, and crypto wallet data from developers.
AI, Data Breaches, Exploits, Global Security News, malware
Malicious LiteLLM versions linked to TeamPCP supply chain attack
TeamPCP backdoored LiteLLM v1.82.7–1.82.8, likely via Trivy CI/CD, adding tools to steal credentials, move in Kubernetes, and keep persistent access. Threat actor TeamPCP compromised LiteLLM versions 1.82.7 and 1.82.8, likely through a Trivy CI/CD breach. LiteLLM, with over 95 million monthly downloads, helps developers route LLM requests via a single API. The malicious releases, now…
GeekGuyBlog
Rising Cyber Threats: TeamPCP Targets Checkmarx KICS Code Scanner
Explore the alarming rise in cyber threats as TeamPCP targets key development tools, highlighting vulnerabilities in the software security landscape.
AI, Global Security News
Popular LiteLLM PyPI package compromised in TeamPCP supply chain attack
The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular “LiteLLM” Python package on PyPI and claiming to have stolen data from hundreds of thousands of devices during the attack. […]