Post B4aZb0oGINJUIduTL6 by dangoodin@infosec.exchange
 (DIR) More posts by dangoodin@infosec.exchange
 (DIR) Post #B4aZb0oGINJUIduTL6 by dangoodin@infosec.exchange
       2026-03-24T16:49:22Z
       
       1 likes, 0 repeats
       
       Wow, TeamPCP is hacking open-source developers faster than we can report on them. The latest (that I'm aware of, anyway) is LiteLLM. They worked with Trivy but didn't bother to change their credentials after Trivy was hacked, despite an ample amount of advice to do so.Folks, if any of you used LiteLLM, now is the time to change your credentials, at an atomic level. Now, as in immediately.https://news.ycombinator.com/item?id=47501729
       
 (DIR) Post #B4aZb656hAl6eKpUn2 by dangoodin@infosec.exchange
       2026-03-24T16:49:56Z
       
       0 likes, 0 repeats
       
       For context, please see:https://arstechnica.com/security/2026/03/self-propagating-malware-poisons-open-source-software-and-wipes-iran-based-machines/