by jadamson 84 days ago
In case you missed it, according to the OP, the previous point release (1.82.7) is also compromised.
1 comments

Yeah, that release has the base64 blob, but it didn't contain the pth file that auto-triggers the malware on import.
The latest version with the pth file doesn't require an import to trigger the exploit (just having the package installed is enough thanks to [1]).

The previous version triggers on `import litellm.proxy`

Again, all according to the issue OP.

[1] https://docs.python.org/3/library/site.html
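
Added example, not part of the thread or of any project's code: a small audit of `.pth` files for the mechanism referenced in [1], where the `site` module executes any `.pth` line that starts with `import` followed by a space or tab at interpreter startup. The function names, the 120-character blob threshold and the sample files are assumptions constructed for illustration.

```python
import base64
import re
import tempfile
from pathlib import Path

# Per the site module docs, a .pth line starting with "import" followed by a
# space or tab is executed at startup; every other line is a path entry.
EXEC_LINE = re.compile(r"^import[ \t]")
# Heuristic (assumption): a long unbroken base64-alphabet run hints at a payload.
B64_RUN = re.compile(r"[A-Za-z0-9+/=]{120,}")


def audit_pth(path):
    """Return (line_number, reason, preview) findings for one .pth file."""
    findings = []
    text = Path(path).read_text(encoding="utf-8", errors="replace")
    for number, line in enumerate(text.splitlines(), start=1):
        if not EXEC_LINE.match(line):
            continue  # comments, blanks and plain path entries are not executed
        reason = "executable+blob" if B64_RUN.search(line) else "executable"
        findings.append((number, reason, line[:60]))
    return findings


def audit_tree(root):
    """Audit every .pth file under root (for example a site-packages directory)."""
    results = {}
    for pth in sorted(Path(root).rglob("*.pth")):
        hits = audit_pth(pth)
        if hits:
            results[pth.name] = hits
    return results


def demo():
    """Run the audit over constructed sample files in a temporary directory."""
    blob = base64.b64encode(b"constructed harmless sample bytes " * 6).decode()
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "paths_only.pth").write_text("# comment\n../src\n")
        (root / "hook.pth").write_text("import sys; sys.dont_write_bytecode = True\n")
        (root / "blob.pth").write_text(f"./lib\nimport base64; _ = base64.b64decode('{blob}')\n")
        return audit_tree(root)


if __name__ == "__main__":
    for name, hits in demo().items():
        for number, reason, preview in hits:
            print(f"{name}:{number}: {reason}: {preview}")
```

Legitimate packages also ship executable `.pth` lines, so the output is a review list rather than a verdict; point `audit_tree` at the directories returned by `site.getsitepackages()` to check a real environment.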