Bleeping Computer

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...
thearabianpost

PyPI proxy trap siphons AI prompts

A Python package presented as a privacy-first shortcut to AI models has been unmasked as a supply-chain threat that quietly captures user prompts, leans on a private university service without ...
GitHub

MAL-2026-2184.json

"details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: kam193 (2e341dbac5b5fcd3b5a882b5ee47e26051b72bacd4d552790c684174ba0e69ae ...
GitHub

MAL-2026-2268.json

"details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: kam193 (db2be37ea455b54b825242a3f66310fdf3f70e50b1dc1a234fa3ebb534afa857 ...