Comment by dot_treo
3 days ago
Yeah, that release has the base64 blob, but it didn't contain the pth file that auto triggers the malware on import.
3 days ago
Yeah, that release has the base64 blob, but it didn't contain the pth file that auto triggers the malware on import.
The latest version with the the pth file doesn't require an import to trigger the exploit (just having the package installed is enough thanks to [1]).
The previous version triggers on `import litellm.proxy`
Again, all according to the issue OP.
[1] https://docs.python.org/3/library/site.html