Tag: LiteLLM

Anthropic’s MCP Design Flaw: How a Protocol-Level Vulnerability Enables Remote Code Execution at Scale

Artificial Intelligent, Data Breach Leave a comment
Anthropic’s MCP Design Flaw: How a Protocol-Level Vulnerability Enables Remote Code Execution at Scale

A critical architectural flaw in Anthropic’s Model Context Protocol (MCP) ecosystem has exposed a vast number of downstream systems to remote code execution (RCE) risks. Researchers at OX Security found the issue embedded across official MCP SDKs for Python, TypeScript, Java, and Rust — meaning developers building on MCP inherit the vulnerability by design rather than through a simple coding

Continue

LiteLLM Supply Chain Breach — 95M Downloads, Import-Time Backdoor, and What Teams Must Do Now

Data Breach, Hacking and Exploits Leave a comment
LiteLLM Supply Chain Breach — 95M Downloads, Import-Time Backdoor, and What Teams Must Do Now

The Python package ecosystem suffered another high-impact supply chain compromise: LiteLLM — a popular library that routes requests across large language model providers and sees tens of millions of downloads — shipped malicious code in recent PyPI releases. Two versions published on March 24, 2026 (1.82.7 and 1.82.8) contained an import‑time backdoor that escalates into credential harvesting, lateral movement, and

Continue