{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreiae2jan7wj72gtn6akkjuxnicmfah6fzoq3qhhfclvnp5bqvpmjtq",
    "uri": "at://did:plc:3jg5ch2x6onc5mwonrp5wps6/app.bsky.feed.post/3mhywly7erjc2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreibjocckv25gnsihtaqklnkcpxcg36glbw4ab5q4pthdmu7mdcimia"
    },
    "mimeType": "image/jpeg",
    "size": 132170
  },
  "path": "/hackers-sneak-crypto-wallet-stealing-code-into-a-popular-ai-tool-that-runs-every-time/",
  "publishedAt": "2026-03-26T16:45:18.000Z",
  "site": "https://cryptoslate.com",
  "tags": [
    "Crime",
    "Featured",
    "Hacks",
    "Web3",
    "Hackers sneak crypto wallet-stealing code into a popular AI tool that runs every time",
    "CryptoSlate"
  ],
  "textContent": "A poisoned release of LiteLLM turned a routine Python install into a crypto-aware secret stealer that searched for wallets, Solana validator material, and cloud credentials every time Python started. On Mar. 24, between 10:39 UTC and 16:00 UTC, an attacker who had gained access to a maintainer account published two malicious versions of LiteLLM to […]\n\nThe post Hackers sneak crypto wallet-stealing code into a popular AI tool that runs every time appeared first on CryptoSlate.",
  "title": "Hackers sneak crypto wallet-stealing code into a popular AI tool that runs every time"
}