Same playbook: inject infostealer payloads that execute during routine CI automation. LiteLLM claims ~95M monthly downloads, so the blast radius is anyone who was routing requests across LLM providers in March.
LiteLLM and Telnyx Python SDKs poisoned on PyPI