TechSecInfo

The tech + cyber briefing: what happened, why it matters, and where it came from.

Cyber Security

TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 Likely via Trivy CI/CD Compromise

By rooter

TeamPCP, the threat actor behind the recent compromises of Trivy and KICS, has now compromised a popular Python package named litellm, pushing two malicious versions containing a credential harvester, a Kubernetes lateral movement toolkit, and a persistent backdoor.
Multiple security vendors, including Endor Labs and JFrog, revealed that litellm versions 1.82.7 and 1.82.8 were published on

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

By rooter

Related Post

Cyber Security

The Role of Risk Management in Funded Trading: Lessons from Top Performers

rooter
Cyber Security

Tax Search Ads Deliver ScreenConnect Malware Using Huawei Driver to Disable EDR

rooter
Cyber Security

Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner

rooter

Leave a Reply

You Missed

News

Watch First Video Evidence of Sperm Whales Headbutting Each Other

News

Arm’s first CPU ever will plug into Meta’s AI datacenters later this year

News

Apple is testing a standalone app for its overhauled Siri

News

Epic Games Laying Off 1,000+ Employees, Swears AI Is Not to Blame