LiteLLM Proxy Data Exposure & Modification — Urgent Patch Required
Critical vulnerability in LiteLLM proxy enables unauthorized database read/modify access. Exploitation observed shortly after disclosure. Patch immediately.

CVE-2026-42208: Active Exploitation of LiteLLM SQL Injection
Attackers are actively exploiting CVE-2026-42208, a critical SQL injection flaw in LiteLLM, within 36 hours of disclosure. Patch to prevent database compromise.
CVE-2026-42208: LiteLLM Pre-Auth SQLi Actively Exploited – Patch Now
Hackers are actively exploiting CVE-2026-42208, a critical pre-authentication SQL injection vulnerability in LiteLLM, to access sensitive data. Urgent patching is
Mercor Hit by LiteLLM Supply Chain Attack – Lapsus$ Claims 4TB Data Theft
AI recruiting firm Mercor is investigating a LiteLLM supply chain attack, with Lapsus$ claiming to have stolen 4TB of sensitive data.
TeamPCP Supply Chain: Checkmarx Wider Scope & LiteLLM PyPI Compromise
An update on the TeamPCP supply chain campaign details wider Checkmarx impact, LiteLLM PyPI compromise, and a CISA KEV entry.

Checkmarx KICS & VS Code Plugin Targeted in Supply Chain Attack
TeamPCP exploited Checkmarx KICS, VS Code plugins, and LiteLLM in a supply chain attack targeting code scanners and AI libraries, indicating expanding threats.
LiteLLM PyPI Supply Chain Attack: TeamPCP Steals Credentials
TeamPCP compromised the LiteLLM PyPI package, backdooring it to steal credentials and auth tokens from hundreds of thousands of devices.