Tell HN: Litellm 1.82.7 and 1.82.8 on PyPI are compromised

About an hour ago new versions have been deployed to PyPI. I was just setting up a new project, and things behaved weirdly. My laptop ran out of RAM, it looked like a forkbomb was running. I've investigated, and found that a base64 encoded blob has been added to proxy_server.py. It writes and decodes another file which it then runs. I'm in the process of reporting this upstream, but wanted to give everyone here a headsup. It is also reported in this issue: https://github.com/BerriAI/litellm/issues/24512 Comments URL: https://news.ycombinator.com/item?id=47501426 Points: 11 # Comments: 3

Tell HN: Litellm 1.82.7 and 1.82.8 on PyPI are compromised

Related Articles

You Never Know Who Is Quietly Watching Your Journey

Amazon will give you a $100 gift card when you buy the Nothing Phone 4a Pro

"﷽" U+FDFD: ARABIC LIGATURE BISMILLAH AR-RAHMAN AR-RAHEEM (Unicode Character)

Best GPU for Unreal Engine 5 Lumen in 2026

300 Powerful Claude Prompts That Replace Hours of Manual Work

Related Articles

News
You Never Know Who Is Quietly Watching Your Journey
Medium Programming • 1h ago

News
Amazon will give you a $100 gift card when you buy the Nothing Phone 4a Pro
ZDNet • 1h ago

News
"﷽" U+FDFD: ARABIC LIGATURE BISMILLAH AR-RAHMAN AR-RAHEEM (Unicode Character)
Lobsters • 1h ago

News
Best GPU for Unreal Engine 5 Lumen in 2026
Medium Programming • 1h ago

News
300 Powerful Claude Prompts That Replace Hours of Manual Work
Medium Programming • 1h ago