https://futuresearch.ai/blog/litellm-pypi-supply-chain-attack/
-
Supply Chain Attack in litellm 1.82.8 on PyPI
litellm version 1.82.8 on PyPI contains a malicious .pth file that harvests SSH keys, cloud credentials, and secrets on every Python startup, then attempts lateral movement across Kubernetes clusters. First reported to PyPI by FutureSearch, whose report led to the package being quarantined.
FutureSearch (futuresearch.ai)
-
I podcastindex.social shared this topic
-
Supply Chain Attack in litellm 1.82.8 on PyPI
litellm version 1.82.8 on PyPI contains a malicious .pth file that harvests SSH keys, cloud credentials, and secrets on every Python startup, then attempts lateral movement across Kubernetes clusters. First reported to PyPI by FutureSearch, whose report led to the package being quarantined.
FutureSearch (futuresearch.ai)
Hello! It looks like you're interested in this conversation, but you don't have an account yet.
Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.
With your input, this post could be even better π
Register LoginWelcome To Podcasting.Chat!
This forum is for podcasters, podcast guests, and podcast enthusiasts alike to share tips, tricks, and their love of the medium.
This forum is fully federated, so you are able to contribute to any discussion here through your own software of choice (e.g. Mastodon, Misskey, Lemmy, Piefed, etc.). So you can sign up for an account here and it federates around the Fediverse. You can also follow feeds and topics from your other Fedi-enabled accounts.
Recent Posts
-
Starting soon: How to Know if Your Podcast is Working (Is it supporting your business yet?) (virtual) (free) https://podnews.net/event/how-to-know-if-your-podcast-is-working-is-it-supporting-your-business-yet #podevents
-
@adam @dave @aegrumet @theDanielJLewis I would suspect the reason you're seeing higher toking usage in Claude is because the the maximum context window for gpt 5.3 is 400k where the maximum contacts window of Claude 4.6 is 1 million. Therefore, it has the ability to send a whole lot more information per prompt request. The beast is hungry and it loves to be fed!
-
You upload the audio files, just like you upload a photo or video!
(Though itβs thru the gear iconβ¦ for now.)
-
