litellm: Credential Stealer Hidden in PyPI Wheel

A critical supply chain attack was discovered in the litellm PyPI package version 1.82.8 on March 24, 2026. The compromised package contains a malicious litellm_init.pth file designed to steal credentials. This represents a significant threat to Python developers and organizations using the litellm library for AI/ML operations. The attack demonstrates sophisticated supply chain compromise techniques targeting the Python package ecosystem. Organizations using this specific version should immediately investigate potential credential exposure and update to a clean version.