TI Mindmap HUB
Threat Intelligence Report

TeamPCP Hijacks LiteLLM's PyPI Package β€” Credential Stealer Hits 40k-Star Project

πŸ“… March 24, 2026 πŸ“° opensourcemalware.com πŸ” 0 CVE(s) referenced

TeamPCP hijacked the LiteLLM PyPI package, deploying a stealthy credential stealer that auto-executes on every Python startup, exfiltrates cloud and infrastructure secrets at scale, and enables persistent Kubernetes cluster takeoverβ€”marking a major escalation in supply chain attacks targeting the AI developer ecosystem.

researcher

Sign in to access the full report including:
detailed analysis, IOCs, MITRE ATT&CK mapping, and STIX bundle.

πŸ” Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

πŸ“Š Visual Mindmap
🎯 IOC Extraction
βš”οΈ MITRE ATT&CK TTPs
πŸ“¦ STIX 2.1 Bundle