litellm

Apple Patched the Door. Attackers Used the Window.

John Z Black Apr 10, 2026

Threat Intelligence #atomic-stealer #amos #macos #clickfix #script-editor #malware #pypi #litellm #supply-chain

macOS 26.4 added Terminal security scanning to block ClickFix attacks. Within 48 hours, Atomic Stealer was back, running through Script Editor instead. One click. No warning.

The AI Training Pipeline Just Became a High-Value Target

John Z Black Apr 6, 2026

Incidents & Breaches #supply-chain #ai-security #litellm #mercor #lapsus$ #teampcp

A trojanized LiteLLM package hit Mercor, the AI training vendor shared by OpenAI, Anthropic, and Meta, exposing the massive concentration risk in the AI supply chain.

TeamPCP's First Confirmed Victim Lost Passport Scans and Video Interviews

John Z Black Apr 2, 2026

Incidents & Breaches #teampcp #supply-chain #mercor #lapsus #data-breach #biometric-data #litellm

AI hiring platform Mercor confirmed a breach tied to the LiteLLM compromise. The stolen data includes passport scans and video interviews you can't exactly rotate like a password.

TeamPCP Is Back. Now It's Deploying Ransomware Through Your AI Libraries.

John Z Black Mar 30, 2026

AI Security #supply-chain #teampcp #litellm #telnyx #ransomware #python #steganography #ai-security

The supply-chain group that poisoned Trivy last week just hit LiteLLM and the Telnyx SDK, hid their payload in WAV audio files, and announced a ransomware affiliate partnership.

The Trivy Domino: How One Poisoned Security Tool Spread to a Thousand Cloud Environments

John Z Black Mar 25, 2026

Threat Intelligence #supply-chain #trivy #litellm #kubernetes #teampcp #cloud-security #ci-cd

A poisoned Trivy Docker image grew into one of the year's worst CI/CD compromises. Thousands of pipelines ran the payload, LiteLLM got backdoored on PyPI, and the attackers built a three-part kit designed to hit Kubernetes clusters and stay.