Article

On March 24, 2026, threat actor known as TeamPCP published backdoored versions of the litellm Python package after stealing PyPI credentials via a compromised Trivy GitHub Action in LiteLLM's CI/CD pipeline.

This summary may be AI-generated and could contain inaccuracies. Read the original article for full details.