Datadog Security Labs

LiteLLM compromised on PyPI: Tracing the March 2026 TeamPCP supply chain campaign (opens in new tab)

Covered by 5 sources See all sources covering this story including Andrew Nesbitt, datadoghq.comDiscussed on Hacker News

On March 24, 2026, two PyPI releases of LiteLLM were published with malicious code. We trace the full TeamPCP supply chain campaign from Trivy through npm, Checkmarx, and into LiteLLM.

Read the original article
Sign in to keep reading the full article.
Sign UpLog In

Covered in 5 articles

Andrew Nesbitt·

GitHub Actions security in Python packages

Feeds
datadoghq.com·

From single pull requests to full software packages: Detecting malicious code at scale

Feeds
venturebeat.com·

Four AI supply-chain attacks in 50 days exposed the release pipeline red teams aren't covering

Feeds
View all 5 ›

Keyboard Shortcuts

Navigation

Next / previous post
j/k
Open post
oorEnter
Preview post
v

Post Actions

Love post
a
Like post
l
Dislike post
d
Undo reaction
u
Save / unsave
s

Recommendations

Add interest / feed
Enter
Not interested
x

Go to

Home
gh
Interests
gi
Feeds
gf
Likes
gl
History
gy
Changelog
gc
Settings
gs
Discover
gb
Search
/

General

Show this help
?
Submit feedback
!
Close modal / unfocus
Esc

Press ? anytime to show this help