highMalware & Threats
TeamPCP Trojans LiteLLM Package in Supply Chain Attack
TeamPCP threat actors compromised the popular LiteLLM Python package, injecting malware into versions 1.82.7 and 1.82.8 that steals cloud credentials and secrets. The attack uses Python's .pth mechanism for stealthy persistence across package installations.
Wiz Blog
supply-chainpythonteampcp