Nuclear-Scale Crisis Unfolds in AI Open-Source Supply Chain: LiteLLM Library Tainted, Impacting Vast Array of Downstream Projects
Author: Editor

In March 2026, a supply chain poisoning incident struck the open-source AI API gateway LiteLLM: versions 1.82.7 and 1.82.8 were found to contain malicious code. The code searched the environment for sensitive data, including SSH keys, cloud platform credentials, Kubernetes secrets, and more, and relayed it to the attacker's server. Armed with these stolen credentials, the attackers moved laterally, breaching a significant number of Kubernetes clusters and causing an incalculable volume of data leakage. The impact was far-reaching because LiteLLM underpins the AI infrastructure of thousands of enterprises and averages 95 million installations per month. Security experts advise users to promptly verify their versions, rotate their keys, and revert to the secure version 1.82.6 to mitigate potential risks.
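The version check advised above can be scripted. The following is an added example, not code from the article or from the LiteLLM project; the function names and the sample requirements text are hypothetical, and only the version numbers come from the article.

```python
import re
from email import message_from_string
from pathlib import Path

AFFECTED = {"1.82.7", "1.82.8"}  # releases the article names as malicious

# "litellm" as a whole project name, optional extras, then the version specifier
_REQ = re.compile(r"^\s*litellm(?![\w.-])(?:\[[^\]]*\])?\s*([^;#]*)", re.IGNORECASE)
_EXACT = re.compile(r"==\s*([0-9][\w.]*)")

def audit_requirements(text):
    """Classify litellm lines in requirements.txt / pip-freeze style text."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        m = _REQ.match(line)
        if not m:
            continue
        spec = m.group(1).strip()
        exact = _EXACT.fullmatch(spec)
        if exact is None:
            # Ranges or bare names may resolve to an affected release.
            findings.append((lineno, spec or "<any>", "REVIEW"))
        else:
            ver = exact.group(1)
            findings.append((lineno, ver, "AFFECTED" if ver in AFFECTED else "ok"))
    return findings

def audit_site_packages(root):
    """Report installed litellm versions from *.dist-info/METADATA under root."""
    found = []
    for meta in sorted(Path(root).glob("*.dist-info/METADATA")):
        msg = message_from_string(meta.read_text(encoding="utf-8", errors="replace"))
        if (msg.get("Name") or "").strip().lower() == "litellm":
            ver = (msg.get("Version") or "").strip()
            found.append((ver, "AFFECTED" if ver in AFFECTED else "ok"))
    return found

# Constructed sample input, not taken from any real project.
SAMPLE = """\
# constructed requirements file
fastapi==0.110.0
litellm[proxy]==1.82.8
litellm-proxy-extras==0.1.0
litellm>=1.80
litellm==1.82.6
"""

if __name__ == "__main__":
    for finding in audit_requirements(SAMPLE):
        print(finding)
```

A clean result describes only the current state: a host that ever installed 1.82.7 or 1.82.8 still needs the key rotation the article advises.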