Security Alert: Compromised Python Package – litellm

/in , , , /by

Dear NSCC Users,

We wish to inform you that two malicious versions of the Python package litellm (v1.82.7 or v1.82.8) was found on PyPI.

These tampered versions contained hidden code that runs automatically every time Python starts without needing to import the package. The malicious code was heavily obfuscated and designed to steal sensitive data, including environment variables, SSH keys, and cloud credentials, and transmit them to an attacker-controlled server.

Full details from the LiteLLM developer: https://docs.litellm.ai/blog/security-update-march-2026

Am I Affected?

You are likely affected if you performed any of the following actions between 24 March 2026 18:39 SGT and 25 March 2026 00:00 SGT:

  • Manual Install: Installed or upgraded litellm via pip.
  • Unpinned Versions: Ran `pip install litellm` which was not pinned to a specific version, resulting in the download of v1.82.7 or v1.82.8
  • Docker Builds: Built a Docker image during this window using `pip install litellm`.
  • Transitive Dependency: Used AI frameworks (e.g., CrewAI, LangChain, or MCP servers) that automatically pulled in litellm as a sub-dependency.

Immediate Actions Required:

  • Verify Installed Versions
    • ​​Run the following command in your terminal or environment:
      pip show litellm
      or
      pip list | grep litellm

    • If you have v1.82.7 or v1.82.8 installed, proceed to the next step.
  • Remove or Downgrade
    • Uninstall the compromised version:
      pip uninstall litellm

    • To resume your work safely, downgrade to a safe version:
      pip install litellm==1.82.6

  • Rotate Your Credentials
    • If you were running an affected version, assume all secrets in that environment are compromised.
    • Rotate any environment variables, SSH keys, API keys, and cloud credentials accessible from that environment.

Should you have any questions or need assistance, please contact our Helpdesk via the Service Desk Portal or email us at[email protected].

Thank you.

Warm regards,
The NSCC Team

[Resolved] Network Disruption for NTU Users Accessing ASPIRE 2A & ASPIRE 2A+​

/in , , , /by

Dear NTU Users,

We are pleased to inform you that the issue with the network disruption has been resolved. You may proceed to login to the ASPIRE 2A and ASPIRE 2A+ systems as per normal.

If you have any questions or require assistance, please contact the NSCC Helpdesk via the Service Desk Portal or email us at [email protected].

Thank you for your understanding.

Warm regards,
The NSCC Team

 

Network Disruption for NTU Users Accessing ASPIRE 2A & ASPIRE 2A+​

/in , , , /by

Dear NTU Users,

We would like to inform you that there is currently a network disruption affecting access to the ASPIRE 2A and ASPIRE 2A+ systems. The NTU team is working closely with NSCC to resolve the issue as soon as possible.

Cause of Disruption:
Network connectivity issue between NSCC and NTU.


Impact of the Disruption:
All NTU users are unable to access the ASPIRE 2A and ASPIRE 2A+ system.


If you have any questions or require assistance, please contact the NTU Helpdesk via [email protected].

Thank you for your understanding.

Warm regards,
The NSCC Team

Urgent Scheduled Maintenance of Job and Visualization Portals for ASPIRE 2A & ASPIRE 2A+

/in , , , /by

Dear NSCC Users,

We wish to inform you of an upcoming urgent scheduled system maintenance for the Job and Visualization portals of ASPIRE 2A and ASPIRE 2A+ to patch security vulnerabilities and ensure their long-term reliability, security, and stability.

Maintenance Details:

  • Start: 17 March 2026 (Tuesday), 9:00 AM SGT
  • End: 17 March 2026 (Tuesday), 11:00 AM SGT
  • Duration: 2 hours

Purpose:

  • To upgrade the Altair Access components to patch the security vulnerabilities.

Impact During the Maintenance Period:

  • During the maintenance window, users will not be able to log in to the Job and Visualization portals of ASPIRE 2A and ASPIRE 2A+.
  • You may continue to access the HPC systems via your respective institution’s login nodes.

We apologise for any inconvenience this may cause and thank you for your understanding. Should you have any questions or need assistance, please contact our Helpdesk via the Service Desk Portal or email us at [email protected].

Thank you.

Warm regards,
The NSCC Team