@LiteLLM: [INCIDENT UPDATES]- Compromi...
@LiteLLM
17 views
Mar 26, 2026
Advertisement
1
[INCIDENT UPDATES]
- Compromised LiteLLM packages have been deleted.
- Proxy docker image users were not impacted - All dependencies are pinned on requirements.txt.
- Compromise came from Trivvy security scan dependency, looking into it with Google’s Mandiant Security
- Compromised LiteLLM packages have been deleted.
- Proxy docker image users were not impacted - All dependencies are pinned on requirements.txt.
- Compromise came from Trivvy security scan dependency, looking into it with Google’s Mandiant Security
2
The comprised packages were 1.82.7 and 1.82.8, they were quarantined and deleted, thanks to @pypi team
No LiteLLM releases will out until we have scanned our chain and make sure it’s safe
We are actively investigating, reach out to support@berri.ai with any questions/concerns
No LiteLLM releases will out until we have scanned our chain and make sure it’s safe
We are actively investigating, reach out to support@berri.ai with any questions/concerns
3
@pypi Active incident thread: github.com/berriAi/litell…