D
dot_treo
About an hour ago new versions have been deployed to PyPI.
I was just setting up a new project, and things behaved weirdly. My laptop ran out of RAM, it looked like a forkbomb was running.
I've investigated, and found that a base64 encoded blob has been added to proxy_server.py.
It writes and decodes another file which it then runs.
I'm in the process of reporting this upstream, but wanted to give everyone here a headsup.
It is also reported in this issue: [Security]: CRITICAL: Malicious litellm_init.pth in litellm 1.82.8 — credential stealer · Issue #24512 · BerriAI/litellm
Comments URL: Tell HN: Litellm 1.82.7 and 1.82.8 on PyPI are compromised | Hacker News
Points: 120
# Comments: 297
Continue reading...
I was just setting up a new project, and things behaved weirdly. My laptop ran out of RAM, it looked like a forkbomb was running.
I've investigated, and found that a base64 encoded blob has been added to proxy_server.py.
It writes and decodes another file which it then runs.
I'm in the process of reporting this upstream, but wanted to give everyone here a headsup.
It is also reported in this issue: [Security]: CRITICAL: Malicious litellm_init.pth in litellm 1.82.8 — credential stealer · Issue #24512 · BerriAI/litellm
Comments URL: Tell HN: Litellm 1.82.7 and 1.82.8 on PyPI are compromised | Hacker News
Points: 120
# Comments: 297
Continue reading...