Home / Security updates / News Event: LiteLLM PyPI Supply Chain Attack Review
News Event: LiteLLM PyPI Supply Chain Attack Review
Security updates detail rendered from /security-updates/upd_a6024d4c1d8dc201.
Overview
| ID | upd_a6024d4c1d8dc201 |
| Collection | Security Updates |
| Provider | SafeBase |
| Company | Postman |
| URL | - |
| Counts | - |
| Updated | - |
Raw record
| Field | Value |
|---|---|
| id | upd_a6024d4c1d8dc201 |
| providerId | safebase |
| organizationId | org_69f58ec0dcc1b656 |
| trustCenterId | tc_790930de45cf6e74 |
| title | News Event: LiteLLM PyPI Supply Chain Attack Review |
| message | As of March 24, 2026, Postman has confirmed that our systems are unaffected by the malicious litellm 1.82.7 and 1.82.8 packages published to PyPI as part of the TeamPCP supply chain attack. Our Security Engineering team reviewed our dependencies and environment. No indicators of compromise (IoCs), unauthorized access, or exploitation were identified. |
| url | - |
| publishedAt | 2026-03-24 |
| source | {
"field": "statuspage/public/compliance-update",
"category": "vulnerabilities"
} |
| company | {
"id": "org_69f58ec0dcc1b656",
"name": "Postman",
"domains": [
"security.postman.com",
"postman.com"
]
} |
| trust_center | {
"id": "tc_790930de45cf6e74",
"name": "Postman",
"url": "https://security.postman.com",
"host": "security.postman.com"
} |
| provider | {
"id": "safebase",
"name": "SafeBase"
} |
| links | {
"self": "/v1/security-updates/upd_a6024d4c1d8dc201",
"company": "/v1/companies/org_69f58ec0dcc1b656",
"trust_center": "/v1/trust-centers/tc_790930de45cf6e74",
"provider": "/v1/providers/safebase"
} |
Get this page with API
Rendered from the bluedoor Trust Centers API. Reproduce it:
GET https://api.bluedoor.sh/trust-centers/v1/security-updates/upd_a6024d4c1d8dc201JSON