Cyber risk: supply‑chain & infrastructure

Security firms are flagging a rise in supply‑chain attacks (e.g., LiteLLM) and new warnings about cyber threats to critical infrastructure—bridging IT and OT and expanding the attack surface for aviation, transport and utilities. Experts say these converging risks raise urgent compliance and resilience questions for system architects. (cpapracticeadvisor.com) (rediff.com)

Malicious LiteLLM releases 1.82.7 and 1.82.8 were published to PyPI on March 24, 2026 and later removed after the project posted a security incident update and indicators of compromise (litellm_init.pth, suspicious outbound domains). (docs.litellm.ai) Threat analysts attribute the campaign to the criminal group “TeamPCP,” which previously abused CI/security tooling to harvest secrets and used those credentials to push the poisoned LiteLLM packages to PyPI. (trendmicro.com) Technical breakdowns show the malicious 1.82.8 build added a litellm_init.pth that executes at Python startup and the payload explicitly targeted AWS/GCP/Azure credentials, SSH keys and Kubernetes tokens for exfiltration and lateral movement. (github.com)

Downstream exposure was large: analysts estimated the dependency had tens of millions of monthly downloads and public scans flagged affected projects and toolchains during a roughly 3–5 hour compromise window. (aimodelsmap.com) Industry remediation playbooks issued in the wake of the incident repeatedly recommended: revoke and rotate exposed keys and tokens, scan and isolate CI runners (especially Trivy-related actions), rebuild artifacts from known-clean sources, and enforce SBOMs and SLSA-style provenance. (bastion.tech)

Deloitte and other consultancies warned this week that IT/OT convergence is widening the attack surface for aviation, transport and utilities, citing recent critical‑infrastructure incidents from 2024–2025 as evidence that cyber events can now risk physical safety. (rediff.com) Industry and government responses are already shifting: Airbus has expanded cyber-defense capability via acquisitions focused on aviation security, and policy roadmaps such as the Cyberspace Solarium Commission 2.0 are pressing for sector-specific resilience strategies for transportation and utilities. (eturbonews.com)
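The litellm_init.pth startup hook and the two release numbers named above can be checked for on a host or CI runner. The following Python script is an added example, not code from LiteLLM or from any of the cited reports; the function names are hypothetical and the sample directory is constructed for the demonstration. It relies on standard Python behaviour: the `site` module executes any `.pth` line that begins with `import`.

```python
import site
import sys
import tempfile
from pathlib import Path

# Values taken from the briefing above.
IOC_PTH_NAME = "litellm_init.pth"
BAD_VERSIONS = {"1.82.7", "1.82.8"}


def executable_pth_lines(pth_file):
    """Lines site.py would exec() at startup: those starting with 'import' + space/tab.
    Every other non-comment line is only a path appended to sys.path."""
    text = pth_file.read_text(encoding="utf-8", errors="replace")
    return [ln for ln in text.splitlines() if ln.startswith(("import ", "import\t"))]


def scan_site_dir(directory):
    """Return (severity, path, detail) findings for one site-packages directory."""
    findings = []
    root = Path(directory)
    if not root.is_dir():
        return findings
    for pth in sorted(root.glob("*.pth")):
        if pth.name == IOC_PTH_NAME:
            findings.append(("ioc", str(pth), "file name listed as an indicator of compromise"))
        for line in executable_pth_lines(pth):
            # Legitimate tools also use executable .pth lines, so these need human review.
            findings.append(("review", str(pth), line[:120]))
    for meta in sorted(root.glob("litellm-*.dist-info")):
        version = meta.name[len("litellm-"):-len(".dist-info")]
        if version in BAD_VERSIONS:
            findings.append(("ioc", str(meta), f"litellm {version} installed"))
    return findings


def build_sample_dir():
    """Constructed sample: fake site-packages with a benign .pth and an IoC-named one."""
    root = Path(tempfile.mkdtemp(prefix="pth_demo_"))
    (root / "local_paths.pth").write_text("/opt/example/lib\n# comment\n")
    (root / IOC_PTH_NAME).write_text("import sys; sys.stdout.flush()  # constructed placeholder\n")
    (root / "litellm-1.82.8.dist-info").mkdir()
    return root


if __name__ == "__main__":
    dirs = sys.argv[1:] or site.getsitepackages() + [site.getusersitepackages()]
    for severity, path, detail in (f for d in dirs for f in scan_site_dir(d)):
        print(f"[{severity}] {path}: {detail}")
```

Run with no arguments it scans the current interpreter's site directories; pass directory paths to scan other environments or unpacked runner images. A clean result does not clear a host that had an affected version installed during the compromise window, so the key rotation steps above still apply.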
