Olivia
Online
Cameron Eckelberry
@cameck
Software Engineer at @malwarebytes.
All tweets my own.
Tampa Bay, Florida
Joined April 2011
679 Following
108 Followers
641 Posts
Someone just poisoned the Python package that manages AI API keys for NASA, Netflix, Stripe, and NVIDIA.. 97 million downloads a month.. and a simple pip install was enough to steal everything on your machine.
The attacker picked the one package whose entire job is holding every AI credential in the organization in one place. OpenAI keys, Anthropic keys, Google keys, Amazon keys… all routed through one proxy. All compromised at once.
The poisoned version was published straight to PyPI.. no code on GitHub.. no release tag.. no review. Just a file that Python runs automatically on startup. You didn’t need to import it. You didn’t need to call it. The malware fired the second the package existed on your machine.
The attacker vibe coded it… the malware was so sloppy it crashed computers.. used so much RAM a developer noticed their machine dying and investigated. They found LiteLLM had been pulled in through a Cursor MCP plugin they didn’t even know they had.
That crash is the only reason thousands of companies aren’t fully exfiltrated right now. If the code had been cleaner nobody notices for weeks. Maybe months.
The attack chain is the part that gets worse every sentence.
TeamPCP compromised Trivy first. A security scanning tool. On March 19. LiteLLM used Trivy in its own CI pipeline… so the credentials stolen from the SECURITY product were used to hijack the AI product that holds all your other credentials.
Then they hit GitHub Actions. Then Docker Hub. Then npm. Then Open VSX. Five package ecosystems in two weeks. Each breach giving them the credentials to unlock the next one.
The payload was three stages.. harvest every SSH key, cloud token, Kubernetes secret, crypto wallet, and .env file on the machine.. deploy privileged containers across every node in the cluster.. install a persistent backdoor waiting for new instructions.
TeamPCP posted on Telegram after: “Many of your favourite security tools and open-source projects will be targeted in the months to come.. stay tuned.”
Every AI agent, copilot, and internal tool your company shipped this year runs on hundreds of packages exactly like this one… nobody chose to install LiteLLM on that developer’s machine. It came in as a dependency of a dependency of a plugin. One compromised maintainer account turned the entire trust chain into a credential harvesting operation across thousands of production environments in hours.
The companies deploying AI the fastest right now have the least visibility into what’s underneath it.
this is art
@RealEmirHan i guess on the plus, it doesn't spoil the end of the book 🤷♂️
These two photographs are separated by only 66 years.
@soren_iverson it's coming 😢
Live look at Malwarebytes engineers updating the Browser Guard extension every time Google makes a change to ad blocking.
Because we love you and ads, trackers, and scams suck. 😘
@alexeck Big if true
Let me let you in on a little secret about 1990s nostalgia: you don't miss Blockbuster or dine-in Pizza Hut. You miss analog life with other people who weren't distracted and were really present to enjoy mundane moments with you.
Check out my DADSONLY page. DADSONLY is the only site with exclusive pictures and videos of fathers taking out rubbish, connecting cables, lounging on chairs and wearing swimwear that is between 3 - 20 years old...
This is when I got interested in this sport
The Belgian kit for #Euro2024 is outrageously great, and has been designed to look like Tintin
Well done guys 👏👏👏
🥚 GIVEAWAY ALERT 🥚
Before you hunt for eggs this weekend, we hid an Easter egg in the latest version of Malwarebytes for Windows (MB5).
Post a screenshot of your high score for a chance to win 1 of 5 LIFETIME KEYS our intern found in the Malwarebytes basement.
Happy hunting!
@HardcoreHistory Come to St Pete!
@thekitze Sad but true
Yes, iot all the things!
Our important and timely blog on how to determine if your toothbrush is now part of a botnet.
https://t.co/wx8OIRYB3b
@GuyDealership would have loved to lease one... but wow it's more expensive than a model y (and that's expensive too :P). I'm not sure who this car is for really at that price point.
Happy Friday fam, go touch some grass 🌿🍄
@verge Been wondering how my little dudes have been doing 🫶🏻
Outlook, please... I will never say this
@devongovett @darkhorizontal @zeddotdev You're right there is a config option. I got it to use eslint in my project with this:
```
"language_overrides": {
"JavaScript": {
"format_on_save": {
"external": {
"command": "eslint",
"arguments": []
}
}
}
```
Vote to cancel Google Meet
Last Seen Users on Sotwe
JOE BETA | The Clubhouse 
Seen from Vietnam
Andy Star
Seen from United States
rehandut
Seen from Malaysia
PENIKMAT TANTEH
Seen from Indonesia
Pak Lurah
Seen from Indonesia
mobil goyang
Seen from Singapore
kinky Dutch bi couple
Seen from Turkey
Jerk off outdoor public
Seen from Singapore
sincanaktif27
Seen from Turkey
tapu
Seen from Egypt
Trends for you
Most Popular Users
Elon Musk
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.3M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.4M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
87M followers
Taylor Swift
@taylorswift13
80.8M followers
Lady Gaga
@ladygaga
72.4M followers
Kim Kardashian
@kimkardashian
69.5M followers
Virat Kohli
@imvkohli
68.9M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.5M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.5M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60.1M followers