{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreiguqijleyaxqfemc55btsxcglzxvg4iayzfqceasdngbwzaw4tkla",
    "uri": "at://did:plc:6wtxqaikjf62unmnajbfbq5v/app.bsky.feed.post/3micw6bndjup2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreihmhtgl7dyb6krsqrzzed3uttzqp2257h6ijvvzeuivsxaemzynqi"
    },
    "mimeType": "image/jpeg",
    "size": 287849
  },
  "path": "/teampcp-backdoored-litellm-on-pypi-after-the-trivy-compromise/",
  "publishedAt": "2026-03-30T17:36:15.000Z",
  "site": "https://vpncentral.com",
  "tags": [
    "News",
    "TeamPCP backdoored LiteLLM on PyPI after the Trivy compromise",
    "VPN Central"
  ],
  "textContent": "LiteLLM was hit by the growing TeamPCP supply chain campaign on March 24, 2026, when attackers published two malicious PyPI versions, 1.82.7 and 1.82.8. Berri AI, which maintains LiteLLM, confirmed the compromise and said it traced back to a compromised Trivy security scan dependency in its CI/CD path. The incident matters because the malicious packages […]\n\nThe post TeamPCP backdoored LiteLLM on PyPI after the Trivy compromise appeared first on VPN Central.",
  "title": "TeamPCP backdoored LiteLLM on PyPI after the Trivy compromise"
}