LiteLLM Python package compromised
On March 24, 2026, the popular LiteLLM Python package was compromised by a supply chain attack. If you are using LiteLLM in any form, please take immediate action and check whether any of the compromised versions (v1.82.7 or v1.82.8) are installed. See the LiteLLM blog post on the incident for all the details on how to check whether you are affected and what to do if that’s the case: https://docs.litellm.ai/blog/security-update-march-2026.
Beware that you are affected if a compromised LiteLLM version was installed on any system that you have access to, whether that’s your laptop, a local server, a pipeline that builds or deploys software, or an HPC cluster. The attack does not apply to any of the centrally installed software modules or containers on the VUB-HPC clusters, as LiteLLM has not been centrally installed yet.
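One way to run that check across every Python environment under a directory tree (virtualenvs, conda environments, user installs), as an added example that is not from the LiteLLM blog post or from VUB-HPC: it walks the tree for `litellm-*.dist-info` / `.egg-info` metadata directories and flags the two versions named above. It assumes those versions appear in package metadata as `1.82.7` and `1.82.8`, without the leading `v`; the function names are illustrative.

```python
import os
import re
import sys

# Versions the advisory names as compromised (assumed to appear in package
# metadata without the leading "v").
COMPROMISED = {"1.82.7", "1.82.8"}
# Metadata directories that pip and other installers leave next to the package.
META_DIR = re.compile(r"^litellm-([^-]+)(?:-.*)?\.(?:dist-info|egg-info)$", re.I)


def read_version(meta_dir):
    """Return the Version header from METADATA/PKG-INFO, or None if unreadable."""
    for name in ("METADATA", "PKG-INFO"):
        try:
            with open(os.path.join(meta_dir, name), errors="replace") as fh:
                for line in fh:
                    if line.lower().startswith("version:"):
                        return line.split(":", 1)[1].strip()
                    if not line.strip():  # blank line ends the header block
                        break
        except OSError:
            continue
    return None


def scan(root):
    """Return sorted (metadata_dir, version, compromised) per litellm install under root."""
    hits = []
    for dirpath, dirnames, _files in os.walk(root):
        for d in list(dirnames):
            m = META_DIR.match(d)
            if not m:
                continue
            path = os.path.join(dirpath, d)
            # Prefer the metadata file; fall back to the directory name.
            version = read_version(path) or m.group(1)
            hits.append((path, version, version in COMPROMISED))
            dirnames.remove(d)  # nothing further to find inside it
    return sorted(hits)


if __name__ == "__main__":
    # Roots to search: command-line arguments, else this interpreter's prefix and $HOME.
    roots = sys.argv[1:] or [sys.prefix, os.path.expanduser("~")]
    found = [hit for root in roots for hit in scan(root)]
    for path, version, bad in found:
        print("COMPROMISED" if bad else "ok", version, path)
    sys.exit(1 if any(bad for _, _, bad in found) else 0)
```

A clean result only covers what is installed now under the scanned roots, not a compromised version that was installed earlier and since upgraded or removed; use the LiteLLM blog post for the full set of checks.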
If you have any further questions, please contact us at VUB-HPC Support.