Tesla's former VP Andrej Karpathy shares AI coding 'horror', 'Python supply chain attack' that could have wiped millions of SSL private keys, database passwords, more; and Elon Musk 'agrees', says ...

A compromised version of the popular AI library LiteLLM, with 97 million monthly downloads, briefly turned pip installs into a credential theft operation. The malicious package, live for two hours, was only detected due to a bug causing a system crash. This incident highlights the risks of extensive dependency chains in software development.

Mar 25, 2026 0

Tesla's former VP Andrej Karpathy shares AI coding 'horror', 'Python supply chain attack' that could have wiped millions of SSL private keys, database passwords, more; and Elon Musk 'agrees', says ...
A compromised version of the popular AI library LiteLLM, with 97 million monthly downloads, briefly turned pip installs into a credential theft operation. The malicious package, live for two hours, was only detected due to a bug causing a system crash. This incident highlights the risks of extensive dependency chains in software development.
Read More