Three’s a Crowd: TeamPCP trojanizes LiteLLM in Continuation of Campaign
ID: c27b5a87-9e51-58c2-97ac-10e8ad3e1a02
STIX ID: report--c27b5a87-9e51-58c2-97ac-10e8ad3e1a02
Feed Name: Wiz Blog
LiteLLM, a widely used open-source Python library, was trojanized via malicious PyPI releases (v1.82.7 and v1.82.8) on 24 March 2026 by an actor tied to TeamPCP. The packages contained an information-stealing payload that harvested environment variables, SSH keys, cloud credentials, Kubernetes and CI/CD secrets, and crypto wallets. The payload encrypted the collected data with AES-256, wrapped the AES key with RSA, and exfiltrated the result to attacker-controlled domains. PyPI quarantined the packages within hours, and the root cause was linked to an exposed API token from a prior compromise. Wiz provides detections and guidance for impacted customers.
