Hackers Poisoned a Tool Downloaded 97 Million Times a Month. They Used AI to Do It.
On March 24th, two versions of LiteLLM - the tool thousands of companies use to connect to AI models - were infected with malware that stole passwords and cloud access keys. Three hours. That’s how long the poisoned versions were available. It was enough.
LiteLLM. If you’re not a developer, you’ve probably never heard of it. But it’s the tool thousands of companies use to connect to AI models - ChatGPT, Claude, Gemini, and others. 97 million downloads per month.
Domino effect - a cascading attack
The most interesting part of this story isn’t what happened - it’s how.
A hacker group called TeamPCP didn’t attack LiteLLM directly. Instead, they started with a completely different tool - a popular security scanning program. They broke into it on March 19th. Five days later, they used that access to steal the credentials of LiteLLM's maintainer and upload poisoned versions to the package registry where developers download their tools.
A security tool used to breach AI infrastructure. Like using the lock on the door to break into the house.
AI as a weapon
Here’s the most unsettling part. Security researchers discovered that the attackers used an AI agent - specifically the OpenClaw tool - to automate their attacks. This is one of the first known cases of AI being used as a cyber weapon.
A security tool, compromised, used to attack AI infrastructure, using another AI. Sit with that for a moment.
Fallout
The entire LiteLLM package was quarantined. Thousands of companies that use it as a gateway to AI models may have had their access keys to OpenAI, Anthropic, Google, and other services stolen.
Companies using official secured versions weren’t affected.
My take
This exposes something the AI industry doesn’t want to say out loud - the dependency chains in the AI ecosystem are fragile. One tool in the chain goes down and suddenly thousands of companies have a problem. And now AI is being used not just for defense - but for offense.
This is part of AITU #02 - a weekly roundup of AI and tech news. The full episode with 7 stories from March 20-27, 2026 is available on my YouTube channel.