LiteLLM's security disaster exposes AI supply chain risks
The Agent Stack #014 — Wednesday Stack The AI gateway everyone trusts just got compromised. LiteLLM, used by thousands of developers to manage model API calls, fell victim to credential-stealing malware via their security compliance partner Delve. This isn’t just another breach story—it’s a wake-up call about the fragile infrastructure we’re building AI agents on. What Actually Happened LiteLLM serves as a proxy layer between your applications and model providers like OpenAI, Anthropic, and Cohere. Think of it as the plumbing that routes your API calls, handles rate limiting, and logs usage. The ishaan-jaff/litellm repo has 13.7k stars and gets downloaded millions of times monthly. ...