litellm, with 97 million monthly downloads, suffers supply chain attack; installation alone can steal all sensitive credentials, such as SSH keys
Odaily News: Andrej Karpathy posted on platform X that litellm has suffered a PyPI supply chain attack. Simply executing `pip install litellm` could steal SSH keys, AWS/GCP/Azure credentials, Kubernetes configurations, git credentials, environment variables, cryptocurrency wallets, SSL private keys, CI/CD keys, and database passwords. litellm has 97 million monthly downloads, and the risk spreads to every project that depends on litellm, such as dspy. The malicious version containing the implanted code was live for less than about 1 hour. It was discovered because a flaw in the attack code caused Callum McMahon's machine to run out of memory and crash. Andrej Karpathy stated that supply chain attacks are one of the most threatening issues in modern software: each dependency installation can potentially introduce a tampered package deep within the dependency tree. He is therefore increasingly inclined to reduce dependencies and instead use LLMs to directly implement simple functionality.
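To see how far that exposure reaches in a given environment, the sketch below lists every installed Python distribution that pulls in `litellm` through its declared dependencies, directly or transitively. It is an added example, not code from the original report or from the litellm project; the helper names and the `SAMPLE` graph are constructed for illustration, and it reports reachability only, not whether an affected release was installed.

```python
import re
from collections import deque
from importlib import metadata

def normalize(name):
    """PEP 503 name normalization so 'Foo_Bar' and 'foo-bar' compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()

def installed_graph():
    """Map each installed distribution to the names in its Requires-Dist lines."""
    graph = {}
    for dist in metadata.distributions():
        name = dist.metadata.get("Name")
        if not name:
            continue  # skip distributions with broken metadata
        deps = set()
        # Extras-only requirements are kept too: conservative for an exposure check.
        for req in dist.requires or []:
            m = re.match(r"\s*([A-Za-z0-9][A-Za-z0-9._-]*)", req)
            if m:
                deps.add(normalize(m.group(1)))
        graph[normalize(name)] = deps
    return graph

def dependents_of(graph, target):
    """Return {package: chain to target} for every package that reaches target."""
    target = normalize(target)
    reverse = {}
    for pkg, deps in graph.items():
        for dep in deps:
            reverse.setdefault(dep, set()).add(pkg)
    chains = {}
    queue = deque([(target, [target])])
    while queue:  # breadth-first walk up the reversed edges
        node, chain = queue.popleft()
        for parent in sorted(reverse.get(node, ())):
            if parent not in chains and parent != target:
                chains[parent] = [parent] + chain
                queue.append((parent, chains[parent]))
    return chains

# Constructed sample graph (assumption): "my-app" never names litellm itself.
SAMPLE = {"my-app": {"dspy", "requests"}, "dspy": {"litellm"},
          "litellm": {"httpx"}, "requests": {"urllib3"}}

if __name__ == "__main__":
    for pkg, chain in sorted(dependents_of(installed_graph(), "litellm").items()):
        print(pkg, "->", " -> ".join(chain[1:]))
```

Run it inside each virtual environment or CI image to be checked; any package it prints installs litellm as a side effect of its own installation.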
