The Hacker News

TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 via Trivy CI/CD Compromise

Malicious LiteLLM 1.82.7–1.82.8 via Trivy compromise deploys backdoor and steals credentials, enabling Kubernetes-wide ...
腾讯网

立即检查你的Python库!LiteLLM被投毒,Karpathy警告,马斯克关注

编辑|冷猫这是一件极其严肃的软件安全事件。今天,Karpathy 发长推文警告全部开发者注意,GitHub 超过 4 万星,月下载量达 9700 万次的 Python 库 LiteLLM 在 PyPI 上被投毒。首先提请各位开发者检查自己的 ...

LiteLLM供应链投毒攻击事件解析

近日,人工智能领域发生了一起震动全球开发者的安全事件。作为AI开发核心枢纽的LiteLLM网关遭遇供应链投毒攻击,大量使用者的密钥与敏感信息被窃取。这一事件被业界称为“教科书级别的供应链攻击”,其影响范围之广、危害程度之深,再次暴露出当前AI供应链体系的安全隐患。 LiteLLM作为AI网关,能够代理100多种大语言模型(LLM)的API,被广泛应用于AI编程与服务编排场景。目前其在GitHub上 ...
Security Boulevard

AI Infrastructure LiteLLM Supply Chain Poisoning Alert

Overview Recently, NSFOCUS Technology CERT detected that the GitHub community disclosed that there was a credential stealing program in the new version of LiteLLM. Analysis confirmed that it had ...
Nature

The spindle: a dynamic assembly of microtubules and motors

In all eukaryotes, a microtubule-based structure known as the spindle is responsible for accurate chromosome segregation during cell division. Spindle assembly and function require localized ...