Hacker News new | ask | show | jobs
by dot_treo 86 days ago
Yeah, that release has the base64 blob, but it didn't contain the pth file that auto triggers the malware on import.
1 comments
jadamson 86 days ago
The latest version with the the pth file doesn't require an import to trigger the exploit (just having the package installed is enough thanks to [1]).

The previous version triggers on `import litellm.proxy`

Again, all according to the issue OP.

[1] https://docs.python.org/3/library/site.html

link