LiteLLM Hack: Were You One of the 47,000?
LiteLLM Hack: Were You One of the 47,000? (https://futuresearch.ai/blog/litellm-hack-were-you-one-of-the-47000/)
Daniel Hnyk used the BigQuery PyPI dataset (https://console.cloud.google.com/bigquery?p=bigquery-public-data&d=pypi) to determine how many downloads there were of the exploited LiteLLM packages (https://simonwillison.net/2026/Mar/24/malicious-litellm/) during the 46-minute period they were live on PyPI.
They also identified 2,337 packages that depended on LiteLLM, 88% of which did not pin versions in a way that would have avoided the exploited version.
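As an added example (not code from the post, from Daniel Hnyk's analysis, or from LiteLLM itself), here is a stdlib-only check that answers the pinning question for a requirements file: would each LiteLLM specifier have let pip resolve to a compromised release? The malicious version number is a constructed placeholder because the post does not name the affected releases, and the PEP 440 handling is simplified to numeric release segments (no pre-release tags or environment markers).

```python
import re

# Constructed placeholder: the page does not name the compromised releases,
# so this version is illustrative only, not a real LiteLLM release number.
MALICIOUS_VERSIONS = ["1.99.0"]
_CLAUSE_RE = re.compile(r"^(==|!=|~=|>=|<=|>|<)\s*([\d.]+\*?)$")
_REQ_RE = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)(?:\[[^\]]*\])?\s*(.*)$")

def parse_version(v: str) -> tuple:
    """Numeric release segment only: '1.82.3' -> (1, 82, 3); pre/post/dev tags out of scope."""
    return tuple(int(p) for p in v.split("."))

def _padded(a: tuple, b: tuple) -> tuple:
    # right-pad with zeros so that 1.82 and 1.82.0 compare equal
    n = max(len(a), len(b))
    return a + (0,) * (n - len(a)), b + (0,) * (n - len(b))

def clause_allows(clause: str, version: str) -> bool:
    """Does one PEP 440 clause such as '>=1.0' or '==1.82.*' admit version?"""
    m = _CLAUSE_RE.match(clause.strip())
    if not m:
        raise ValueError(f"unsupported clause: {clause!r}")
    op, target = m.groups()
    if op == "~=":  # compatible release: ~=1.82.3 means >=1.82.3 and ==1.82.*
        series = ".".join(target.split(".")[:-1]) + ".*"
        return clause_allows(">=" + target, version) and clause_allows("==" + series, version)
    if target.endswith(".*"):  # prefix match for ==X.Y.* and !=X.Y.*
        prefix = parse_version(target[:-2])
        hit = _padded(parse_version(version), prefix)[0][: len(prefix)] == prefix
        return hit if op == "==" else not hit
    a, b = _padded(parse_version(version), parse_version(target))
    return {"==": a == b, "!=": a != b, ">=": a >= b,
            "<=": a <= b, ">": a > b, "<": a < b}[op]

def requirement_admits(requirement: str, version: str) -> bool:
    """True if a line such as 'litellm[proxy]>=1.0,<2' would let pip resolve
    to `version`; a bare name with no specifier admits every release."""
    _name, spec = _REQ_RE.match(requirement.strip()).groups()
    return all(clause_allows(c, version) for c in spec.split(",") if c.strip())

def audit(requirements: str, package: str = "litellm",
          bad_versions=MALICIOUS_VERSIONS) -> dict:
    """For each line that names `package`, True if any bad version satisfies it."""
    report = {}
    for line in (ln.strip() for ln in requirements.splitlines()):
        if line and not line.startswith("#"):
            name = _REQ_RE.match(line).group(1).lower().replace("_", "-")
            if name == package.lower():
                report[line] = any(requirement_admits(line, b) for b in bad_versions)
    return report
```

Note that `~=1.82.0` excludes the placeholder release while `~=1.82` admits it: the compatible-release operator only pins as tightly as the number of components you give it.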
Via @hnykda (https://twitter.com/hnykda/status/2036834100342825369)
Tags: packaging (https://simonwillison.net/tags/packaging), pypi (https://simonwillison.net/tags/pypi), python (https://simonwillison.net/tags/python), security (https://simonwillison.net/tags/security), supply-chain (https://simonwillison.net/tags/supply-chain)