慢雾：LiteLLM发生PyPI供应链攻击，植入的恶意文件可窃取加密钱包等敏感信息

PANews2026-03-25 00:28:00

Favorite

PANews 3月25日消息，慢雾科技首席信息安全官23pds在X平台发文称：“每月下载量高达9700万次的LiteLLM发生PyPI供应链攻击：通过pip install litellm即可窃取敏感信息，包括SSH密钥、云凭据(AWS/GCP/Azure)、Kubernetes配置、Git凭据、环境变量(API密钥)、Shell历史、加密钱包及数据库密码等。”

Disclaimer: This article is copyrighted by the original author and does not represent MyToken’s views and positions. If you have any questions regarding content or copyright, please contact us.(www.mytokencap.com)contact

About MyToken:https://www.mytokencap.com/aboutusArticle Link:https://www.mytokencap.com/news/569215.html

Previous:SpaceX计划最早于本周提交IPO申请，筹集超过750亿美元资金

Next:Dragonfly：别被“智能体商业”骗了，大多数AI并不需要加密支付

BlackRock Crypto Outlook: CEO Predicts $500M A Year In Revenue Within Next Five Years

In his 2026 annual shareholder letter, BlackRock CEO Larry Fink laid out an ambitious outlook for th...

NewsBTC2026-03-25 04:00:41

Securitize Integrates with NYSE to Advance Tokenized Securities Market

Securitize has signed an MoU with NYSE to enable blockchain-based securities with aim to enhance tok...

blockchainreporter2026-03-25 04:00:00

Invesco Takes Over Management of Superstate's $967M Tokenized Treasury Fund

The deal hands a $2.2 trillion asset manager the keys to one of the top five tokenized Treasury prod...

Blockhead2026-03-25 03:30:17