LiteLLM versions 1.82.7 and 1.82.8 compromised on PyPI — Supply Chain Attack

Critical Supply Chain Attack on Popular LLM Library

A serious security incident has been reported for LiteLLM, a widely-used open-source library that provides a unified interface for calling 100+ LLM APIs. Versions 1.82.7 and 1.82.8 published to PyPI have been identified as compromised.

What Happened

The issue was reported on GitHub (issue #24512) by the LiteLLM team. The compromised packages were published to the Python Package Index, meaning anyone who installed these specific versions may have been affected.

Impact Assessment

LiteLLM is used across the AI/ML ecosystem as an abstraction layer for multiple LLM providers including OpenAI, Anthropic, Google, and others. A supply chain compromise of this library could potentially:

• Intercept API keys and credentials
• Exfiltrate LLM prompts and responses
• Inject malicious code into dependent projects
• Provide persistent access to victim infrastructure

Recommended Actions

• Immediately upgrade to the latest version of LiteLLM if running 1.82.7 or 1.82.8
• Audit any systems that may have installed these versions
• Rotate API keys used with LiteLLM during the compromise window
• Check dependency trees for transitive installations

Broader Context

This incident highlights the ongoing risk of supply chain attacks in the AI/ML ecosystem. As LLM tooling rapidly evolves, the dependency chain grows more complex, and compromised packages can have far-reaching security implications across organizations using AI services.