{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreidnwom3kccoas3roq254gsexz4yicxcocgvjsf2xe7pz7z4iek36q",
    "uri": "at://did:plc:b3tz6srl4ochk2wxn6dv6xpy/app.bsky.feed.post/3mhsxuakhgks2"
  },
  "path": "/Articles/1064479/",
  "publishedAt": "2026-03-24T13:48:18.000Z",
  "site": "https://lwn.net",
  "tags": [
    "This issue\nreport"
  ],
  "textContent": "This issue\nreport describes a credential-stealing attack buried within LiteLLM 1.82.8 in the PyPI repository. It collects and exfiltrates a wide variety of information, including SSH keys, credentials for a number of cloud services, crypto wallets, and so on. Anybody who has installed this package has likely been compromised and needs to respond accordingly.",
  "title": "LiteLLM on PyPI is compromised"
}