No. Only the production package publication key got compromised. lol.
They didn't isolate their Continuous Deployment (CD) production system from their Continuous Integration (CI) system where they use 3rd party vendors. So they basically were sending their production keys to their vendors.
Vendors didn't fuck them, they're nice guys. But one of the vendors got compromised, by less nice guys.
Bottom line: don't store production keys on GH.
reply
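An added example, not part of the thread and not LiteLLM's actual configuration: a small audit of a GitHub Actions workflow that flags any job where a publishing secret sits alongside a third-party action referenced by a mutable tag, which is the CI/CD mixing the comment above describes. The workflow text, the `example-vendor` actions and the secret name are constructed; the parser assumes two-space-indented job keys and treats `actions/`, `github/` and local `./` references as first-party.

```python
import re

# Constructed sample workflow: one job hands the publishing secret to a
# runner that also executes a third-party action on a mutable tag.
SAMPLE = """\
on: [push]
jobs:
  scan-and-publish:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: example-vendor/scanner-action@v1
      - run: twine upload dist/*
        env:
          TWINE_PASSWORD: ${{ secrets.PYPI_TOKEN }}
  lint:
    runs-on: ubuntu-latest
    steps:
      - uses: example-vendor/lint-action@0123456789abcdef0123456789abcdef01234567
"""

JOB = re.compile(r"^  ([A-Za-z_][\w-]*):\s*$")       # job key, two-space indent (assumption)
USES = re.compile(r"uses:\s*['\"]?([^\s'\"#]+)")     # action reference in a step
SECRET = re.compile(r"secrets\.([A-Za-z_]\w*)")      # ${{ secrets.NAME }} usage
SHA_PIN = re.compile(r"@[0-9a-f]{40}$")              # pinned to a full commit SHA
FIRST_PARTY = ("./", "actions/", "github/")          # treated as trusted (assumption)

def audit(workflow_text):
    """Return {job: {"secrets": [...], "unpinned": [...]}} for jobs that mix both."""
    jobs, current, in_jobs = {}, None, False
    for line in workflow_text.splitlines():
        if line and not line.startswith((" ", "#")):
            in_jobs = line.startswith("jobs:")       # top-level key: inside jobs: or not
            current = None
            continue
        m = JOB.match(line) if in_jobs else None
        if m:
            current = jobs.setdefault(m.group(1), {"secrets": set(), "unpinned": []})
        elif current is not None:
            current["secrets"].update(SECRET.findall(line))
            for ref in USES.findall(line):
                if not ref.startswith(FIRST_PARTY) and not SHA_PIN.search(ref):
                    current["unpinned"].append(ref)
    return {name: {"secrets": sorted(j["secrets"]), "unpinned": j["unpinned"]}
            for name, j in jobs.items() if j["secrets"] and j["unpinned"]}
```

A job reported here is a candidate for splitting: run the vendor tooling in a job with no secrets, and publish from a separate job or system that only consumes the built artifact.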
So, if I got it right, the LiteLLM repos weren’t compromised; it was using a fake version of Trivy that caused the issue. Is that right?