Post #8746

⚠️ A compromised AI library exposed developer machines. 1,705 packages pulled infected LiteLLM versions, harvesting SSH keys and cloud creds from local systems via dependencies. It worked because secrets sit in plaintext across files and tools. 🔗 How one dependency exposed thousands of environments → https://thehackernews.com/2026/04/how-litellm-turned-developer-machines.html