📄 中文摘要
LiteLLM 是一个被广泛使用的 Python 库,近日在 PyPI 上发布了两个版本,内含窃取凭证的恶意软件。这些恶意代码能够从安装该库的每台机器上收集 SSH 密钥、云凭证、数据库密码、Kubernetes 秘密和加密钱包。该库每天的下载量超过 300 万次,受影响的版本在上线约 3 小时后被 PyPI 移除。此事件揭示了所有在应用程序中运行的开发工具都面临相同的风险,开发者应对此保持警惕。
LiteLLM 攻击及其对每个开发工具的影响
出处: The LiteLLM Attack and What It Means for Every Dev Tool
发布: 2026年3月25日
📄 English Summary
The LiteLLM Attack and What It Means for Every Dev Tool
Recently, two versions of LiteLLM, a widely used Python library, were published on PyPI containing credential-stealing malware. This malicious code harvested SSH keys, cloud credentials, database passwords, Kubernetes secrets, and crypto wallets from every machine that installed the package. With over 3 million downloads per day, the compromised versions were live for about 3 hours before being removed by PyPI. This incident highlights that every dev tool running within applications carries the same risk profile, emphasizing the need for vigilance among developers.