/g/ - Technology
File: litellm.jpg (75 KB, 1626x494)
Vibecodefags absolutely BTFO.

Vibecoded LLM Gateway provider had a malicious credential-stealing script hidden in the PyPI package.

https://github.com/BerriAI/litellm/issues/24518
https://github.com/BerriAI/litellm/issues/24521
>>
>>108445249
what are some other creative ways to ruin vibecoders' lives? asking for a friend.
>>
the current state of ""superior"" open source, you might as well install Windows XP and run Fast&Furious.avi.exe
>>
This whole project is a shambles, hundreds of files all thousands of lines long. It's written by a couple of kids fresh out of college. The actual exploit is quite simple too. It's a script that runs every time you open a Python interpreter and sends all the credentials and keys from your machine to a remote service.
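The post above describes a hook that runs every time a Python interpreter starts. In CPython the standard places such a hook can live are the `.pth` files under site-packages (site.py executes any line that begins with `import `) and the `sitecustomize`/`usercustomize` modules. The scanner below is an added example, not code from this thread or from the LiteLLM project, that lists every such hook for the running interpreter and grades each one; the allowlist, the token list and the sample files it writes (modelled on the `distutils-precedence.pth` that setuptools ships, plus a constructed stand-in for a hostile hook) are assumptions for the demonstration.

```python
"""Find Python startup hooks under site-packages.

Added example (not code from the thread or from LiteLLM): site.py executes
every ".pth" line that begins with "import " and imports sitecustomize /
usercustomize each time an interpreter starts, so those are the places to
audit when a wheel is suspected of carrying a startup payload.
"""
import os
import re
import site
import tempfile

# site.py executes a .pth line only if it starts with "import " or "import\t";
# any other non-blank line is just appended to sys.path, never executed.
_EXEC_LINE = re.compile(r"^import[ \t]")

# Hooks shipped by well-known packaging tools. Assumption: extend this after
# reading each file once in your own environment.
KNOWN_BENIGN = frozenset({"distutils-precedence.pth"})

# Tokens that have no business in a startup hook; their presence upgrades a
# finding from "review" to "suspicious".
SUSPICIOUS_TOKENS = ("exec(", "eval(", "compile(", "base64", "urllib",
                     "requests", "socket", "subprocess", "os.environ",
                     "open(")


def scan_site_dir(site_dir, allowlist=KNOWN_BENIGN):
    """Return findings for one site-packages-style directory.

    Each finding is a dict: name, file, lineno, level, text. Levels are
    "allowlisted" (known hook), "review" (executes code, read it) and
    "suspicious" (executes code and mentions a SUSPICIOUS_TOKENS entry).
    """
    findings = []
    if not os.path.isdir(site_dir):
        return findings
    for name in sorted(os.listdir(site_dir)):
        path = os.path.join(site_dir, name)
        if not os.path.isfile(path):
            continue
        if name in ("sitecustomize.py", "usercustomize.py"):
            # Imported unconditionally at startup; always worth reading.
            findings.append({"name": name, "file": path, "lineno": 0,
                             "level": "review", "text": "<startup module>"})
            continue
        if not name.endswith(".pth"):
            continue
        with open(path, encoding="utf-8", errors="replace") as fh:
            for lineno, line in enumerate(fh, 1):
                if not _EXEC_LINE.match(line):
                    continue  # plain sys.path entry, not executed
                if name in allowlist:
                    level = "allowlisted"
                elif any(tok in line for tok in SUSPICIOUS_TOKENS):
                    level = "suspicious"
                else:
                    level = "review"
                findings.append({"name": name, "file": path, "lineno": lineno,
                                 "level": level, "text": line.rstrip("\n")})
    return findings


def scan_interpreter():
    """Scan every directory the running interpreter processes at startup."""
    dirs = list(getattr(site, "getsitepackages", lambda: [])())
    dirs.append(site.getusersitepackages())
    findings = []
    for d in dict.fromkeys(dirs):  # de-duplicate, keep order
        findings.extend(scan_site_dir(d))
    return findings


def build_sample_site_dir():
    """Write constructed sample files (not taken from any real wheel) to a
    temp dir so the scanner can be exercised offline; returns the dir."""
    d = tempfile.mkdtemp(prefix="pth-scan-")
    samples = {
        # Plain path entry: appended to sys.path, never executed.
        "some_package.pth": "/opt/some_package\n",
        # Modelled on the benign hook setuptools ships (allowlisted above).
        "distutils-precedence.pth":
            "import os; var = 'SETUPTOOLS_USE_DISTUTILS'; "
            "enabled = os.environ.get(var, 'local') == 'local'; "
            "enabled and __import__('_distutils_hack').add_shim();\n",
        # Constructed stand-in for a hostile hook: decodes and executes
        # hidden code on every interpreter start. The scanner only reads
        # it; the encoded text here is just print('hi').
        "helper-hook.pth":
            "import base64, sys; exec(base64.b64decode(b'cHJpbnQoJ2hpJyk='))\n",
        # An empty sitecustomize is still flagged: it runs at every start.
        "sitecustomize.py": "# constructed empty startup module\n",
    }
    for name, body in samples.items():
        with open(os.path.join(d, name), "w", encoding="utf-8") as fh:
            fh.write(body)
    return d


if __name__ == "__main__":
    for f in scan_interpreter():
        print(f"{f['level']:12} {f['file']}:{f['lineno']}  {f['text'][:80]}")
```

Run it with the interpreter you are worried about (`/path/to/venv/bin/python scan.py`), since each interpreter has its own site directories. The scanner never imports or executes what it finds; a "suspicious" hit is something to read and then remove together with the wheel that installed it, not proof on its own. Bytecode-compiled `.pyc` payloads referenced from an innocuous-looking `import` line would only show as "review", which is why every non-allowlisted hit deserves a look.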
>>
File: BonziBUDDY.jpg (26 KB, 420x420)
>>108445271
>>
File: 1749678142063887.png (100 KB, 1496x458)
>7k branches
>1.1k pull requests
>1k open issues
>32k commits
what a mess.
>>
>>108445434
And it's all Python. It's far too high traffic for me to touch it, must be easy to sneak stuff in there. Though to be fair it just looks like the issue was simple credential theft which allowed the attacker to push a compromised package to PyPI.
>>
>>108445249
The Docker images apparently weren't affected, thankfully.
>>
>>108445249
Imagine using this shit when you can just make http requests.
>>
File: 1769295644901735.png (444 KB, 1024x674)
>>108445249
>>108445258
>>
>>108445249
open source bros? our response?
>>
>>108445629
>horse analogy
>>
I wonder how many companies got fucked by this, I know it's used by a lot.
>>
>>108445629
>crypto baggies using the same garbage tier analogies to AI shitware
ya, that's how I know it's a shitty fad.
>>
>>108445249
Is that something the AI did?
>>
File: 1757650202304507.jpg (49 KB, 656x679)
I have no credentials to steal
>>
>>108445629
gm sar
>>
>>108446502
No, but the project is run by amateurs. These supply chain attacks are something to be wary of with OSS. It was particularly effective in this case due to it being such a high traffic bloated library. Good job they caught it earlyish, but I bet there are plenty of people using Dependabot or similar that don't realise they've had their creds leaked.
>>
>>108445629
>maan, i posted it again
>>
>>108445249
Is this really only used by vibecoders? I think it's probably used by all those companies whose names are in LiteLLM's site... I mean they're using agents but not all of them are retards, I suppose. I mean, Adobe? They gotta have some good ones there
>>
>>108445629
cars don't have a horsecock