Three LiteLLM flaws let low-privilege users gain admin access and run code, exposing AI keys, secrets, prompts, and responses ...

A three-CVE chain lets any default LiteLLM user escalate to admin and get a shell on the gateway server. A separate RCE is ...

LiteLLM allows developers to integrate a diverse range of LLM models as if they were calling OpenAI’s API, with support for fallbacks, budgets, rate limits, and real-time monitoring of API calls. The ...

LiteLLM遭供应链投毒！月安装9500万次的API网关被植入后门，OpenAI/Anthropic用户数据泄露。立即检查版本并更换密钥！ 3 月 25 日 ...

A new report out today from cybersecurity company Forcepoint LLC’s X-Labs research team details a supply chain attack that compromised LiteLLM, a widely used open-source Python library that serves as ...

Navigating the ever-expanding world of large language models (LLMs) can feel like juggling too many pieces of a puzzle. Each provider has its own quirks—unique APIs, syntax variations, and specific ...

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...

A team of security researchers chained two vulnerabilities in LiteLLM, the popular open-source proxy that routes enterprise traffic to large language model providers, and walked away with arbitrary ...

The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach ...