我对 LiteLLM 恶意软件攻击的逐分钟反应

Callum McMahon reported the LiteLLM malware attack to PyPI and shared the Claude transcripts he used to confirm the vulnerability and decide on the next steps. In an isolated Docker container, Claude confirmed the presence of malicious code and suggested the PyPI security contact address. An inspection of the litellm-1.82.8-py3-none-any.whl file revealed a suspicious litellm_init.pth file, which upon further analysis contained malicious code that could potentially harm user systems. This incident highlights the security risks within the open-source software ecosystem and underscores the importance of timely reporting and response.