The Vulnerability Scanner That Became the Vulnerability
Source: DEV Community
The Story

A vulnerability scanner got hacked. Then the hackers used it to poison one of the most popular AI libraries on the planet. That happened last week. Here's what went down:

March 19 — TeamPCP compromised Aqua Security's Trivy, one of the most trusted open-source vulnerability scanners in DevSecOps.
March 23 — Using stolen credentials, they compromised Checkmarx's KICS GitHub Actions and VS Code extensions.
March 24 — Those same credentials gave them access to LiteLLM's CI/CD pipeline.

What Is LiteLLM?

LiteLLM is the universal AI gateway used across 36% of all cloud environments. It averages 95 million downloads per month. It sits between applications and 100+ AI providers—holding API keys for OpenAI, Anthropic, AWS, and Azure in one place.

The attackers published two backdoored versions to PyPI.

What the Malware Did

In just three hours, the malware:
- Harvested SSH keys, cloud credentials, and Kubernetes secrets
- Deployed privileged pods to every node in Kubernetes clusters
- Instal
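The "privileged pods on every node" behaviour the article describes is something a cluster operator can check for directly. The following is an added example, not code from the article or from any of the projects it names: it scores Kubernetes pod objects (the same shape `kubectl get pods -A -o json` returns under `items`) for privileged containers, host namespaces and sensitive hostPath mounts, then reports which controller is spreading such pods across distinct nodes. The pod manifests, names and node names at the bottom are constructed for illustration and have nothing to do with the incident.

```python
"""Flag Kubernetes pods that match a privileged, node-spanning pattern.

Added example; the sample pods below are constructed, not from the incident.
"""
from __future__ import annotations

from collections import defaultdict
from typing import Any

# hostPath mounts at or under these locations expose node credentials or the
# container runtime socket; "/" is handled separately below.
SENSITIVE_HOST_PATHS = ("/root", "/etc", "/var/run/docker.sock",
                        "/var/lib/kubelet", "/var/run/secrets")


def _containers(spec: dict[str, Any]) -> list[dict[str, Any]]:
    return list(spec.get("initContainers", [])) + list(spec.get("containers", []))


def _sensitive_host_path(path: str) -> bool:
    if path == "/":
        return True
    return any(path == p or path.startswith(p + "/") for p in SENSITIVE_HOST_PATHS)


def pod_findings(pod: dict[str, Any]) -> list[str]:
    """Return the risk indicators present in one pod object (empty if none)."""
    spec = pod.get("spec", {})
    findings: list[str] = []
    for flag in ("hostPID", "hostNetwork", "hostIPC"):
        if spec.get(flag):
            findings.append(flag)
    for c in _containers(spec):
        sc = c.get("securityContext", {})
        if sc.get("privileged"):
            findings.append(f"privileged container {c.get('name', '?')}")
        added = sc.get("capabilities", {}).get("add", [])
        if "SYS_ADMIN" in added or "ALL" in added:
            findings.append(f"dangerous capabilities in {c.get('name', '?')}")
    for v in spec.get("volumes", []):
        path = v.get("hostPath", {}).get("path")
        if path and _sensitive_host_path(path):
            findings.append(f"hostPath mount of {path}")
    return findings


def find_risky_pods(pods: list[dict[str, Any]]) -> dict[str, Any]:
    """Score every pod; group risky pods by owning controller and count the
    distinct nodes each controller has placed them on."""
    risky: list[dict[str, Any]] = []
    nodes_by_owner: dict[str, set[str]] = defaultdict(set)
    for pod in pods:
        findings = pod_findings(pod)
        if not findings:
            continue
        meta = pod.get("metadata", {})
        name = f"{meta.get('namespace', 'default')}/{meta.get('name', '?')}"
        risky.append({"pod": name, "findings": findings})
        owners = meta.get("ownerReferences", [])
        owner = owners[0].get("name", name) if owners else name
        node = pod.get("spec", {}).get("nodeName")
        if node:
            nodes_by_owner[owner].add(node)
    spread = {owner: len(nodes) for owner, nodes in nodes_by_owner.items()}
    return {"risky": risky, "spread": spread}


def _sample_pod(name: str, node: str, owner: str | None,
                privileged: bool, host_path: str | None) -> dict[str, Any]:
    """Build a constructed pod object in the API's JSON shape (illustration only)."""
    spec: dict[str, Any] = {
        "nodeName": node,
        "containers": [{"name": "main", "image": "example/image:1",
                        "securityContext": {"privileged": privileged}}],
    }
    if host_path:
        spec["volumes"] = [{"name": "host", "hostPath": {"path": host_path}}]
    meta: dict[str, Any] = {"name": name, "namespace": "kube-system"}
    if owner:
        meta["ownerReferences"] = [{"kind": "DaemonSet", "name": owner}]
    return {"metadata": meta, "spec": spec}


# Constructed inventory: one privileged DaemonSet on three nodes, one benign pod.
SAMPLE_PODS = [
    _sample_pod("collector-a", "node-a", "collector", True, "/"),
    _sample_pod("collector-b", "node-b", "collector", True, "/"),
    _sample_pod("collector-c", "node-c", "collector", True, "/"),
    _sample_pod("web-1", "node-a", "web", False, None),
]

if __name__ == "__main__":
    report = find_risky_pods(SAMPLE_PODS)
    for entry in report["risky"]:
        print(entry["pod"], "->", ", ".join(entry["findings"]))
    print("node spread by controller:", report["spread"])
```

In a real cluster, feed `find_risky_pods` the `items` list from the pods API instead of `SAMPLE_PODS`; a single controller whose risky pods cover most of your nodes is the signal worth paging on, since legitimate privileged DaemonSets (CNI, node agents) should be a short, known allowlist.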