# PyPI package stole AWS, SSH, and crypto keys before it was even imported - Date: 2026-03-24 - Category: Artificial Intelligence A malicious version of litellm, a popular Python library for managing large language model API calls, was published to the Python Package Index overnight and quarantined within hours, but the compromise highlights a particularly insidious feature of the Python packaging ecosystem that made the at... ---