{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreid3fwysoj5i3atvgov6uoutlopwwrouhxj6ebq526hduzv7so7aly",
    "uri": "at://did:plc:kyxdufbi5qaljy7bxivztuhy/app.bsky.feed.post/3miyv7onhjzc2"
  },
  "path": "/blog/archives/2026/04/python-supply-chain-compromise.html",
  "publishedAt": "2026-04-08T10:25:53.000Z",
  "site": "https://www.schneier.com",
  "tags": [
    "Uncategorized",
    "cybersecurity",
    "malware",
    "supply chain",
    "news"
  ],
  "textContent": "This is news:\n\n> A malicious supply chain compromise has been identified in the Python Package Index package litellm version 1.82.8. The published wheel contains a malicious .pth file (litellm_init.pth, 34,628 bytes) which is automatically executed by the Python interpreter on every startup, without requiring any explicit import of the litellm module.\n\nThere are a lot of really boring things we need to do to help secure all of these critical libraries: SBOMs, SLSA, Sigstore. But we have to do them.",
  "title": "Python Supply-Chain Compromise"
}
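The quoted advisory turns on one detail of how CPython starts up: the site module reads every .pth file in each site-packages directory, appends ordinary lines to sys.path, and executes any line that begins with "import " or "import<tab>" as Python source. A package therefore only needs to drop such a file into site-packages to run code in every interpreter on the host, whether or not anyone imports it. The scanner below is an added example written for this post, not code from the original page or from the litellm project; it lists the .pth files in a site directory that contain executable lines and flags the ones that look like payloads rather than path hooks. The function and class names, the size threshold and the sample .pth contents are this example's own assumptions.

```python
"""Find .pth files in a site directory that will run code at interpreter start.

Added example for this post; it is not code from the original page or from
the litellm project.  At startup, Python's site module reads every *.pth file
in each site-packages directory: ordinary lines are appended to sys.path, but
a line beginning with "import " or "import<tab>" is executed as Python source
(CPython Lib/site.py, addpackage()).  That is the hook the quoted advisory
describes.  The function and class names below, the size threshold and the
sample .pth contents are this example's own assumptions, not from the page.
"""
import os
import re
import site
import tempfile
from dataclasses import dataclass, field

# site.py executes a .pth line only when it starts with "import" plus a space or tab.
_IMPORT_LINE = re.compile(r"^import[ \t]")
# Constructs that a legitimate one-line path hook has no reason to use.
_SUSPICIOUS = re.compile(r"exec\(|eval\(|base64|marshal|zlib|subprocess|socket|urllib|os\.system")
# Assumed threshold: real .pth hooks are one short line; anything larger deserves a look.
_SIZE_LIMIT = 4096


@dataclass
class PthFinding:
    path: str
    size: int
    import_lines: list = field(default_factory=list)  # lines site.py would exec()
    suspicious: bool = False


def scan_pth_dir(site_dir):
    """Return a PthFinding for each .pth file in site_dir that contains executable lines."""
    findings = []
    for name in sorted(os.listdir(site_dir)):
        if not name.endswith(".pth"):
            continue
        full = os.path.join(site_dir, name)
        with open(full, encoding="utf-8", errors="replace") as fh:
            code = [ln.rstrip("\n") for ln in fh if _IMPORT_LINE.match(ln)]
        if not code:
            continue  # only sys.path entries: nothing is executed
        size = os.path.getsize(full)
        findings.append(PthFinding(
            path=full, size=size, import_lines=code,
            suspicious=size > _SIZE_LIMIT or any(_SUSPICIOUS.search(ln) for ln in code),
        ))
    return findings


def demo():
    """Scan a constructed site-packages directory; returns {filename: PthFinding}."""
    tmp = tempfile.mkdtemp()
    samples = {  # constructed sample files, not real package contents
        "mypkg-nspkg.pth": "/opt/venv/lib/python3.12/site-packages/mypkg\n",
        "distutils-precedence.pth":
            "import os; os.environ.get('SETUPTOOLS_USE_DISTUTILS') and __import__('_distutils_hack')\n",
        "evil_init.pth":
            "import sys; exec(__import__('base64').b64decode('cHJpbnQoJ3B3bmVkJyk='))\n",
    }
    for name, body in samples.items():
        with open(os.path.join(tmp, name), "w", encoding="utf-8") as fh:
            fh.write(body)
    return {os.path.basename(f.path): f for f in scan_pth_dir(tmp)}


if __name__ == "__main__":
    # Audit the real interpreter: every site directory site.py would process.
    for d in site.getsitepackages() + [site.getusersitepackages()]:
        if os.path.isdir(d):
            for f in scan_pth_dir(d):
                flag = "SUSPICIOUS" if f.suspicious else "executes code"
                print(f"{flag}: {f.path} ({f.size} bytes)")
                for ln in f.import_lines:
                    print("    " + ln[:120])
```

Run as a script it audits the directories the current interpreter would process at startup. The path-only file is ignored, the short setuptools-style hook is reported as executing code but not flagged, and the constructed payload is flagged because it calls exec() on decoded base64. Whatever the heuristics say, every .pth file with an import line is worth reading by hand, and a file tens of kilobytes long, as in the advisory, is never a path hook.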