<?xml version="1.0" encoding="UTF-8"?><rss version="2.0" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>SupplyChain | OKHK 👀</title><description>个人数字泔水\(⁠◔⁠‿⁠◔⁠)✨ Thinking...</description><link>http://tg.okhk.net</link><item><title>🔴 Apifox 被投毒</title><link>http://tg.okhk.net/posts/9127</link><guid isPermaLink="true">http://tg.okhk.net/posts/9127</guid><pubDate>Wed, 25 Mar 2026 13:30:03 GMT</pubDate><content:encoded>&lt;div class=&quot;tgme_widget_message_forwarded_from accent_color&quot;&gt;Forwarded from &lt;a class=&quot;tgme_widget_message_forwarded_from_name&quot; href=&quot;https://t.me/outvivid/4833&quot; target=&quot;_blank&quot; rel=&quot;noopener&quot;&gt;&lt;span&gt;层叠 - The Cascading&lt;/span&gt;&lt;/a&gt;&lt;/div&gt;&lt;i class=&quot;emoji&quot;&gt;&lt;b&gt;🔴&lt;/b&gt;&lt;/i&gt; Apifox 被投毒。用户数据可能泄漏。&lt;br /&gt;&lt;br /&gt;- Apifox 是一个 API 管理与测试平台。&lt;br /&gt;- Apifox 的用户统计代码 CDN 在 3/4 后被投毒 [2]，现已恢复至原来版本。&lt;br /&gt;- 根据文章分析 (LLM?)，payload 会收集用户设备上的敏感信息及 Apifox 云服务凭据等，也可能造成其它种类的危害。&lt;br /&gt;- 托管 payload 的 C2 服务域名为 &lt;code&gt;apifox.it.com&lt;/code&gt;；现已停止解析。&lt;br /&gt;&lt;br /&gt;&lt;a href=&quot;https://rce.moe/2026/03/25/apifox-supply-chain-attack-analysis/&quot; target=&quot;_blank&quot; rel=&quot;noopener&quot; title=&quot;rce.moe/~&quot;&gt;rce.moe/~&lt;/a&gt;&lt;br /&gt;&lt;br /&gt;1. &lt;a href=&quot;https://web.archive.org/web/20260305051418/https://cdn.apifox.com/www/assets/js/apifox-app-event-tracking.min.js&quot; target=&quot;_blank&quot; rel=&quot;noopener&quot; title=&quot;web.archive.org&quot;&gt;web.archive.org&lt;/a&gt;/~&lt;br /&gt;&lt;br /&gt;linksrc: &lt;a href=&quot;https://t.me/renbaoshuo/1058&quot; target=&quot;_blank&quot; rel=&quot;noopener&quot; title=&quot;https://t.me/renbaoshuo/1058&quot;&gt;https://t.me/renbaoshuo/1058&lt;/a&gt;&lt;br /&gt;&lt;br /&gt;&lt;a href=&quot;/search/result?q=%23Security&quot; title=&quot;#Security&quot;&gt;#Security&lt;/a&gt; &lt;a href=&quot;/search/result?q=%23Apifox&quot; title=&quot;#Apifox&quot;&gt;#Apifox&lt;/a&gt; &lt;a href=&quot;/search/result?q=%23SupplyChain&quot; title=&quot;#SupplyChain&quot;&gt;#SupplyChain&lt;/a&gt;</content:encoded></item><item><title>🔴 LiteLLM 被骇，用户数据可能泄漏</title><link>http://tg.okhk.net/posts/9106</link><guid isPermaLink="true">http://tg.okhk.net/posts/9106</guid><pubDate>Tue, 24 Mar 2026 16:01:08 GMT</pubDate><content:encoded>&lt;div class=&quot;tgme_widget_message_forwarded_from accent_color&quot;&gt;Forwarded from &lt;a class=&quot;tgme_widget_message_forwarded_from_name&quot; href=&quot;https://t.me/outvivid/4832&quot; target=&quot;_blank&quot; rel=&quot;noopener&quot;&gt;&lt;span&gt;层叠 - The Cascading&lt;/span&gt;&lt;/a&gt;&lt;/div&gt;&lt;i class=&quot;emoji&quot;&gt;&lt;b&gt;🔴&lt;/b&gt;&lt;/i&gt; LiteLLM 被骇，用户数据可能泄漏。&lt;br /&gt;&lt;br /&gt;受影响版本是 1.82.7 及 1.82.8。&lt;br /&gt;&lt;br /&gt;&lt;a href=&quot;https://github.com/BerriAI/litellm/issues/24512&quot; target=&quot;_blank&quot; rel=&quot;noopener&quot; title=&quot;gh:BerriAI/litellm#24512&quot;&gt;gh:BerriAI/litellm#24512&lt;/a&gt;&lt;br /&gt;seealso: &lt;a href=&quot;https://news.ycombinator.com/item?id=47501729&quot; target=&quot;_blank&quot; rel=&quot;noopener&quot; title=&quot;HackerNews:47501729&quot;&gt;HackerNews:47501729&lt;/a&gt;&lt;br /&gt;&lt;br /&gt;linksrc: &lt;a href=&quot;https://t.me/bupt_moe/2676&quot; target=&quot;_blank&quot; rel=&quot;noopener&quot; title=&quot;https://t.me/bupt_moe/2676&quot;&gt;https://t.me/bupt_moe/2676&lt;/a&gt;&lt;br /&gt;&lt;br /&gt;&lt;a href=&quot;/search/result?q=%23Security&quot; title=&quot;#Security&quot;&gt;#Security&lt;/a&gt; &lt;a href=&quot;/search/result?q=%23LiteLLM&quot; title=&quot;#LiteLLM&quot;&gt;#LiteLLM&lt;/a&gt; &lt;a href=&quot;/search/result?q=%23SupplyChain&quot; title=&quot;#SupplyChain&quot;&gt;#SupplyChain&lt;/a&gt;&lt;a class=&quot;tgme_widget_message_link_preview&quot; href=&quot;https://github.com/BerriAI/litellm/issues/24512&quot; target=&quot;_blank&quot; rel=&quot;noopener&quot; title=&quot;[LITELLM TEAM] - For updates from the team, please see: #24518 [Security]: CRITICAL: Malicious litellm_init.pth in litellm 1.82.8 PyPI package — credential stealer Summary The litellm==1.82.8 wheel...&quot;&gt;
  
  &lt;div class=&quot;link_preview_site_name accent_color&quot;&gt;GitHub&lt;/div&gt;
  
  &lt;div class=&quot;link_preview_title&quot;&gt;[Security]: CRITICAL: Malicious litellm_init.pth in litellm 1.82.8 — credential stealer · Issue #24512 · BerriAI/litellm&lt;/div&gt;
  &lt;div class=&quot;link_preview_description&quot;&gt;[LITELLM TEAM] - For updates from the team, please see: #24518 [Security]: CRITICAL: Malicious litellm_init.pth in litellm 1.82.8 PyPI package — credential stealer Summary The litellm==1.82.8 wheel...&lt;/div&gt;
&lt;/a&gt;</content:encoded></item></channel></rss>