A poisoned release of LiteLLM turned a routine Python install into a crypto-aware secret stealer that searched for wallets, Solana validator material, and cloud credentials every time Python started. On Mar. 24, between 10:39 UTC and 16:00 UTC, an attacker who had gained access to a maintainer account published two malicious versions of LiteLLM to … Continue reading Hackers sneak crypto wallet-stealing code into a popular AI tool that runs every time