Top 5 LLM Gateway Alternatives After the LiteLLM Supply Chain Attack
On March 24, 2026, two backdoored versions of LiteLLM (1.82.7 and 1.82.8) were published to PyPI using stolen maintainer credentials. The malware stole SSH keys, AWS/GCP/Azure credentials, and Kubernetes secrets. It deployed persistent backdoors through .pth files. DSPy, MLflow, CrewAI, and OpenHands all pulled the compromised versions as a downstream dependency.

If you're running LiteLLM in production right now, this post is for you.

TL;DR - Five Alternatives Worth Evaluating

Bifrost (Go, open-source) - Compiled binary, zero Python supply chain surface
TensorZero (Rust) - Sub-millisecond overhead, compiled, inference-focused
Cloudflare AI Gateway - Managed service, no self-hosting
Kong AI Gateway - Enterprise API gateway with AI routing plugin
Direct Provider SDKs - Sometimes you don't need a gateway at all

What Actually Happened

Snyk's detailed writeup covers the full timeline, but here's the short version: An attacker used stolen PyPI credentials to publish two malicious versions of
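
A defender's check for the two things named above, the affected version numbers and .pth persistence, written as an added example that is not code from the original post or from the LiteLLM project. The function names and the sample directory are hypothetical and constructed; only the version numbers come from the page.

```python
import re
import tempfile
from pathlib import Path

# Versions named on this page as backdoored.
AFFECTED = {"1.82.7", "1.82.8"}
DIST_INFO = re.compile(r"^litellm-(?P<version>[^-]+)\.dist-info$", re.IGNORECASE)


def affected_litellm(site_dir):
    """Return installed litellm versions in site_dir that match AFFECTED."""
    hits = []
    for entry in Path(site_dir).iterdir():
        m = DIST_INFO.match(entry.name)
        if m and m.group("version") in AFFECTED:
            hits.append(m.group("version"))
    return sorted(hits)


def executable_pth_lines(site_dir):
    """Return (file name, line) for every .pth line that Python executes.

    The site module runs any .pth line starting with 'import ' or 'import\t'
    at interpreter startup; other lines are only added to sys.path.
    """
    findings = []
    for pth in sorted(Path(site_dir).glob("*.pth")):
        for line in pth.read_text(errors="replace").splitlines():
            if line.startswith(("import ", "import\t")):
                findings.append((pth.name, line.strip()))
    return findings


def scan_constructed_sample():
    """Build a constructed sample tree (no real malware) and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "litellm-1.82.8.dist-info").mkdir()
        (root / "requests-2.32.0.dist-info").mkdir()
        (root / "paths.pth").write_text("/opt/extra/lib\n")
        (root / "zz_hook.pth").write_text("import os; os.environ.get('HOME')\n")
        return affected_litellm(root), executable_pth_lines(root)


if __name__ == "__main__":
    versions, findings = scan_constructed_sample()
    print("affected litellm:", versions)
    for name, line in findings:
        print(f"review {name}: {line}")
```

Point the two scan functions at each directory returned by `site.getsitepackages()` in every environment that could have installed LiteLLM. Legitimate packages such as setuptools also ship `import` lines in .pth files, so each finding is a review candidate rather than a verdict.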




