TeamPCP, the threat actor behind the recent compromises of Trivy and KICS, has now compromised a popular Python package named litellm, pushing two malicious versions containing a credential harvester, a Kubernetes lateral movement toolkit, and a persistent backdoor. Multiple security vendors, including Endor Labs and JFrog, revealed that litellm versions 1.82.7 and 1.82.8 were published on
![]()
source https://thehackernews.com/2026/03/teampcp-backdoors-litellm-versions.html
source https://thehackernews.com/2026/03/teampcp-backdoors-litellm-versions.html