TeamPCP, the threat actor behind the recent compromises of
Trivy and KICS, has now compromised a popular Python package named
litellm, pushing two malicious versions containing a credential
harvester, a Kubernetes lateral movement toolkit, and a persistent
backdoor. Multiple security vendors, including Endor Labs and
JFrog, revealed that litellm versions 1.82.7 and 1.82.8 were
published on
Read more https://thehackernews.com/2026/03/teampcp-backdoors-litellm-versions.html
