The Trivy Domino: How One Poisoned Security Tool Spread to a Thousand Cloud Environments

A poisoned Trivy Docker image grew into one of the year's worst CI/CD compromises. Thousands of pipelines ran the payload, LiteLLM got backdoored on PyPI, and the attackers built a three-part kit designed to hit Kubernetes clusters and stay.
