THREAT OPS › Threat News › How a Poisoned Security Scanner Became the Key to Backdooring LiteLLM
How a Poisoned Security Scanner Became the Key to Backdooring LiteLLM
On March 24, 2026, threat actor known as TeamPCP published backdoored versions of the litellm Python package after stealing PyPI credentials via a compromised Trivy GitHub Action in LiteLLM's CI/CD pipeline. Here's what happened, how the three-stage malware works, and how to check if you're affected.
MITRE ATT&CK techniques
- CredentialsT1589.001
Original source: https://snyk.io/blog/poisoned-security-scanner-backdooring-litellm/