The Collision of LiteLLM and Delve: A Silicon Valley Showdown
This Week’s Unfortunate Discovery in the Silicon Valley Tech Scene
In a plotline straight out of a Silicon Valley satire, a malware incident recently unfolded in the open source project maintained by Y Combinator graduate LiteLLM. The malware, described as truly atrocious, was found inside LiteLLM’s popular platform, which gives developers a single interface to numerous AI models along with features such as spend management. According to Snyk, a developer security company, the LiteLLM project has roughly 40K GitHub stars and numerous forks and was being downloaded up to 3.4 million times a day.
The discovery was credited to Callum McMahon, a research scientist at FutureSearch, a company that builds AI agents for web research. The malware entered LiteLLM through one of its dependencies, stole login credentials, and spread rapidly to harvest further data. McMahon began investigating when his own machine shut down after he installed LiteLLM, which exposed the malware’s presence. A bug in the malware itself caused the shutdown, leading McMahon and AI researcher Andrej Karpathy to speculate that it had been written in a hurry.
LiteLLM’s development team responded promptly. The malware was detected and contained relatively quickly, likely within hours of its appearance.
Security Compliance Certifications and Controversies
An intriguing aspect of this saga is LiteLLM’s claim to hold two major security compliance certifications, SOC 2 and ISO 27001. It emerged that both were obtained through Delve, a startup selling AI-powered compliance tooling. Delve has faced allegations of misleading customers about their compliance status, including accusations that it generated fake data and relied on lenient auditors. Delve denies these claims.
It is worth noting what SOC 2 and ISO 27001 actually attest: that an organization has defined security controls and operates them. They do not guarantee immunity from attack, and they do not inspect the code of every third-party package a project pulls in. Even though LiteLLM’s certifications covered its software dependency policies, the malware still got in, which underlines the persistent risk of software supply chain attacks.
Engineer Gergely Orosz highlighted the irony of LiteLLM’s situation, as online observers expressed disbelief that the company had relied on Delve for its security certifications. Orosz remarked, “Oh damn, I thought this WAS a joke… but no, LiteLLM *really* was ‘Secured by Delve.’”
CEO Response and Future Steps
LiteLLM’s CEO, Krrish Dholakia, refrained from commenting on the Delve controversy, focusing instead on addressing the aftermath of the malware attack. Dholakia emphasized the ongoing investigation in collaboration with Mandiant and pledged to share insights with the developer community once the forensic review is finalized.