LiteLLM - Geek Feed

Hackers are exploiting a critical LiteLLM pre-auth SQLi flaw

May 1, 2026May 1, 2026 geekfeed0Tagged Actively Exploited, Artificial Intelligence, CVE-2026-42208, LiteLLM, LLM, Open Source, SQL Injection, vulnerability

Hackers are targeting sensitive information stored in the LiteLLM open-source large-language model (LLM) gateway by exploiting a critical vulnerability tracked as CVE-2026-42208. The flaw is an SQL injection issue that occurs during LiteLLM’s proxy API key verification step. An attacker can exploit it without authentication by sending a specially crafted Authorization header to any LLM […]

2 mins read

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

March 28, 2026March 28, 2026 geekfeed0Tagged Authentication Tokens, credentials, Infostealer, LiteLLM, Supply Chain Attack, TeamPCP

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular “LiteLLM” Python package on PyPI and claiming to have stolen data from hundreds of thousands of devices during the attack. LiteLLM is an open-source Python library that serves as a gateway to multiple large language model (LLM) providers via a single API. […]

4 mins read