I recently came across a security issue with **LiteLLM** that really caught my attention. A compromised version of the package was capable of leaking sensitive data like API keys and environment variables.

As someone working closely with backend systems and LLM integrations, this hit home.

We often:

* Store secrets in env files
* Trust popular libraries blindly
* Focus more on features than security

But incidents like this show: 👉 The weakest link can be a dependency you didn’t question.

**What I’m taking away from this:**

* Always pin dependency versions
* Regularly audit packages
* Rotate secrets proactively
* Never assume "popular = safe"

Security is not a separate task — it's part of engineering.

#Backend #Security #Python #LLM #SoftwareEngineering
Compromised LiteLLM Leaks Sensitive Data
More Relevant Posts
-
TeamPCP keeps on attacking high-profile targets. A few minutes ago, we detected a compromise of the popular Python package LiteLLM, which has >95 million monthly downloads. The affected versions are 1.82.7 and 1.82.8, and have been removed already. Full technical writeup by Kiran Raj: https://lnkd.in/es6f5S_p #opensource #security
-
I've open sourced my radare2 Python script for parsing .gopclntab and recovering function symbols from Go binaries, including fully stripped ones. Supports ELF, Mach-O, and PE across Go versions 1.2, 1.16, 1.18, and 1.20+. https://lnkd.in/g-S6EECg I hope you find it useful. #radare2 #Go #Golang #ReverseEngineering #RE #Reversing #malware #vulnerabilityResearch
-
Logout in AuthShield was supposed to be straightforward. User clicks logout. Token gets invalidated. Done.

Except a JWT cannot be invalidated. It is a signed string. There is nothing to delete. It just keeps working until it expires.

That one realization pulled on everything else.

If logout needs a blacklist, access tokens need to be short-lived so the blacklist stays small.

If tokens are short-lived, users cannot stay logged in without constantly re-authenticating. That means two tokens - a short-lived access token for requests, a long-lived refresh token to silently replace it.

But a long-lived refresh token is a theft target. So it rotates on every use.

But rotation alone does not stop an attacker who uses the token before the real user does.

Token families. Every refresh token belongs to a chain tied to a single login. The moment an already-rotated token is used again, the entire chain is revoked. Attacker and real user both get logged out.

Four problems. Each one hiding behind the previous one.

Full breakdown with the Python implementation in the blog. Link in the comments 👇

#BackendEngineering #Python #JWT #Security #Authentication #SoftwareEngineering
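The refresh-token family scheme described in the post above, as an added example that is not AuthShield's code or the linked blog's implementation. It assumes opaque random refresh tokens and an in-memory dict in place of a database; all class and function names are hypothetical.

```python
import hashlib
import secrets
import time

def _digest(token):
    return hashlib.sha256(token.encode()).hexdigest()

class RefreshTokenStore:
    """In-memory stand-in for a refresh-token table (hypothetical names)."""
    def __init__(self, ttl_seconds=7 * 24 * 3600):
        self.ttl = ttl_seconds
        self.tokens = {}               # sha256(token) -> record; raw tokens are not stored
        self.revoked_families = set()  # one family per login

    def _issue(self, user, family):
        token = secrets.token_urlsafe(32)
        self.tokens[_digest(token)] = {"user": user, "family": family, "rotated": False,
                                       "expires": time.time() + self.ttl}
        return token

    def login(self, user):
        return self._issue(user, secrets.token_hex(16))  # new login, new family

    def refresh(self, token):
        rec = self.tokens.get(_digest(token))
        if rec is None or rec["expires"] <= time.time():
            raise PermissionError("unknown or expired refresh token")
        if rec["family"] in self.revoked_families:
            raise PermissionError("token family revoked")
        if rec["rotated"]:
            # An already-rotated token came back: two parties hold this chain.
            self.revoked_families.add(rec["family"])
            raise PermissionError("refresh token reuse detected")
        rec["rotated"] = True
        return self._issue(rec["user"], rec["family"])

def replay_scenario():
    """Constructed case: a stolen token is used before the real user's copy."""
    store = RefreshTokenStore()
    stolen = store.login("alice")           # alice and the attacker hold the same value
    attacker_next = store.refresh(stolen)   # rotation alone lets the first use succeed
    outcomes = []
    for holder, tok in (("alice", stolen), ("attacker", attacker_next)):
        try:
            store.refresh(tok)
            outcomes.append((holder, "ok"))
        except PermissionError as exc:
            outcomes.append((holder, str(exc)))
    return outcomes
```

In `replay_scenario`, the real user's later refresh is what trips reuse detection, and the successor token the attacker already obtained is rejected because its family is revoked.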
-
Day 4

Everyone's installing a popular AI memory tool with 53K GitHub stars. I ran a 10-dimension comparison against my system. I adopted zero of their code.

What I found in their codebase:

- 4 critical security vulnerabilities
- 5 external dependencies (Bun + SQLite + Chroma + Python + daemon)
- User reports of *increased* token usage (issue #618)

My system: zero vulns, zero external deps, zero extra API cost.

I borrowed exactly ONE concept: auto session summaries. Built it in 30 min. No new deps. No API calls.

The right architecture beats 53K stars.

Full 10-dimension breakdown → cikizeng.com/case-studies

#BuildInPublic #AIEngineering #SaaS
-
CRITICAL SECURITY ADVISORY 24.03.2026: Talk to your tech team right now. If you are using LiteLLM (a Python package to be able to use multiple AI vendors), you may be at risk. The last two versions 1.82.7 and 1.82.8 on PyPI have been compromised.
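A check a team could run after reading the advisory above, as an added example that is not from any of the posts or from the LiteLLM project: it flags requirement lines that pin litellm to 1.82.7 or 1.82.8 (the versions named on this page), flags unpinned lines, and reports the version installed in the current environment. The sample file, its other version numbers and the function names are constructed.

```python
import re
from importlib import metadata

# Versions named as compromised in the advisories quoted on this page.
COMPROMISED = {"1.82.7", "1.82.8"}
# "litellm" as a whole name (not e.g. litellm-foo), with optional extras.
REQ = re.compile(r"^litellm(?![\w.-])(?:\[[^\]]*\])?(?P<spec>[^;#]*)", re.I)

# Constructed requirements file; every version except the two above is made up.
SAMPLE = """\
fastapi==0.0.1
litellm[proxy]==1.82.8   # exact pin to a compromised release
LiteLLM>=1.0
litellm==1.0.0 --hash=sha256:PLACEHOLDER
litellm-example-plugin==1.82.7
"""


def audit_requirements(text):
    """Return (line_number, verdict) for each litellm requirement line."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        m = REQ.match(raw.strip())
        if not m:
            continue
        spec = m.group("spec").split("--")[0].strip()  # drop --hash options
        pin = re.fullmatch(r"==\s*(\d[\w.]*)", spec)
        if pin is None:
            verdict = "unpinned"      # a range or bare name resolves at install time
        elif pin.group(1) in COMPROMISED:
            verdict = "compromised"
        else:
            verdict = "pinned"        # exact pin to some other version
        findings.append((lineno, verdict))
    return findings


def installed_litellm():
    """Return (version, is_compromised) for this environment, or None."""
    try:
        version = metadata.version("litellm")
    except metadata.PackageNotFoundError:
        return None
    return version, version in COMPROMISED


if __name__ == "__main__":
    print(audit_requirements(SAMPLE), installed_litellm())
```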
-
🚀 Just finished building Ghost-Cred - a local-first Python CLI tool designed to streamline credential intelligence during penetration testing engagements.

The goal was simple: create a practical solution tailored for internal pentest workflows, moving beyond generic security scripts.

Key features of Ghost-Cred:

🔹 Seamlessly initialize and switch between active engagements
🔹 Add hosts and credentials directly from the terminal
🔹 Map credentials to specific systems and services
🔹 Support for both password and hash-based entries
🔹 Consolidated host/credential mappings via clean terminal tables
🔹 Optimized for a fast, terminal-centric workflow

Tech Stack: 🐍 Python | 🗄️ SQLite | 🎨 Rich | 💻 CLI Design | 📦 pipx

This project was a deep dive into:

✅ Designing tools around real-world operator workflows
✅ Building intuitive, command-based UX
✅ Structuring local data models for complex host/credential relationships
✅ Polishing terminal apps for maximum usability

Excited to keep refining the workflow and adding new capabilities! 🛠️

#Python #Cybersecurity #PenetrationTesting #CLI #SQLite #Automation #OffensiveSecurity #GitHubProjects #SoftwareEngineering #Infosec

https://lnkd.in/ehv8GjQB
-
TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 Likely via Trivy CI/CD Compromise: TeamPCP, the threat actor behind the recent compromises of Trivy and KICS, has now compromised a popular Python package named litellm, pushing two malicious versions containing a credential harvester, a Kubernetes lateral movement toolkit, and a persistent backdoor. Multiple security vendors, including Endor Labs and JFrog, revealed that litellm versions 1.82.7 and 1.82.8 were published on
thehackernews.com
-
TeamPCP, the threat actor behind the recent compromises of Trivy and KICS, has now compromised a popular Python package named litellm, pushing two malicious versions containing a credential harvester, a Kubernetes lateral movement toolkit, and a persistent backdoor. Multiple security vendors, including Endor Labs and JFrog, revealed that litellm versions 1.82.7 and 1.82.8 were published on March