OpenAI member Karpathy has pointed out that the LiteLLM development tool suffered a supply chain attack, resulting in the theft of sensitive information such as user SSH keys. The compromised version has been removed from PyPI, and the malicious code could cause widespread data leaks through simple installation. The attack persisted for approximately 1 hour after being exposed. The development team has taken measures to prevent recurrence.

LiteLLM Python AI gateway library suffered a PyPI supply chain attack. Attackers can steal sensitive user information through the pip install litellm command, including SSH keys, cloud service credentials, Kubernetes configurations, and Git credentials.