Python Supply-Chain Compromise - Schneier on Security
Malicious .pth file discovered in litellm v1.82.8 PyPI package executes on Python startup.
Summary
A supply-chain compromise was identified in the Python Package Index package litellm version 1.82.8, which contained a malicious .pth file (litellm_init.pth) that executes automatically on every Python interpreter startup without requiring an explicit import of the module. The incident highlights the need for security measures on critical libraries, including SBOMs, SLSA, and SigStore.
Full text
This is news:

A malicious supply chain compromise has been identified in the Python Package Index package litellm version 1.82.8. The published wheel contains a malicious .pth file (litellm_init.pth, 34,628 bytes) which is automatically executed by the Python interpreter on every startup, without requiring any explicit import of the litellm module.

There are a lot of really boring things we need to do to help secure all of these critical libraries: SBOMs, SLSA, SigStore. But we have to do them.

Tags: cybersecurity, malware, supply chain

Posted on April 8, 2026 at 6:25 AM
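The startup-execution behaviour described above comes from how site.py processes .pth files: any line beginning with "import " is passed to exec() every time the interpreter starts. As an added example (not code from the post or from the litellm project), the script below enumerates the .pth files the running interpreter would process and flags the lines that execute code; the sample .pth contents, the token list and the length threshold are constructed for illustration.

```python
import site
from pathlib import Path

# Tokens that, inside an import line, suggest an encoded or dynamically built
# payload rather than a plain package hook (constructed heuristic, not from the post).
SUSPICIOUS_TOKENS = ("exec(", "eval(", "base64", "compile(", "__import__", "marshal")
LONG_LINE = 512  # constructed threshold: legitimate hook lines are short

# Constructed sample .pth contents (not the real litellm_init.pth): a normal
# hook, a path-only file, and two shapes a defender would want flagged.
SAMPLES = {
    "benign.pth": "# editable-install hook\n/opt/example/src\nimport _virtualenv\n",
    "paths.pth": "/usr/lib/example\n\n# comment\n",
    "encoded.pth": "import base64; exec(base64.b64decode('cGFzcw=='))\n",  # decodes to 'pass'
    "long.pth": "import os;" + "x = 1;" * 200 + "\n",
}

def scan_pth_text(name, text):
    """Classify each line the way site.py does and report every line the
    interpreter would exec() at startup, with a constructed suspicion flag."""
    executable = []
    for lineno, line in enumerate(text.splitlines(), 1):
        # site.py skips lines beginning with '#' and blank lines; a line that
        # starts with 'import ' or 'import\t' is passed to exec() verbatim;
        # anything else is a directory appended to sys.path.
        if line.startswith("#") or not line.strip():
            continue
        if line.startswith(("import ", "import\t")):
            hits = [t for t in SUSPICIOUS_TOKENS if t in line]
            executable.append({"lineno": lineno, "length": len(line), "tokens": hits,
                               "suspicious": bool(hits) or len(line) > LONG_LINE})
    return {"file": name, "size": len(text.encode()), "executable_lines": executable,
            "executes_code": bool(executable),
            "suspicious": any(e["suspicious"] for e in executable)}

def scan_site_packages(extra_dirs=()):
    """Report on every .pth file the running interpreter would process at startup."""
    dirs = list(site.getsitepackages()) + [site.getusersitepackages()] + list(extra_dirs)
    reports = []
    for d in map(Path, dirs):
        for pth in sorted(d.glob("*.pth")) if d.is_dir() else []:
            reports.append(scan_pth_text(str(pth), pth.read_text(errors="replace")))
    return reports

if __name__ == "__main__":
    for r in [scan_pth_text(n, t) for n, t in SAMPLES.items()] + scan_site_packages():
        if r["executes_code"]:
            print("SUSPICIOUS" if r["suspicious"] else "executes code", r["file"], r["size"], "bytes")
```

A benign hook such as an editable install still shows up as "executes code", so the useful signal for triage is an import line that is unusually long, carries an encoded payload, or arrives in a package that has no reason to ship a .pth file at all.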
Indicators of Compromise
- malware — litellm_init.pth
- malware — litellm