Berrijam A.I CyberSecurity Scoring
Berrijam
Company Information
Website:https://berrijam.com
Employees number:13
Number of followers:336
NAICS:518
Industry Type:Data Infrastructure and Analytics
Homepage:berrijam.com
Berrijam Risk Score (AI oriented)
Between 700 and 749
BerrijamData Infrastructure and Analytics
Updated:
24/03/2026
24/03/2026
732/1000
Moderate
Ba
Berrijam Global Score (TPRM)
xxxx
BerrijamData Infrastructure and Analytics
Score locked

BerrijamModerate
Current Score
732Ba (MODERATE)
01000
1 incidents
-22 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
734
JUNE 2026
734
MAY 2026
734
APRIL 2026
733
MARCH 2026
754
Cyber Attack
19 Mar 2026 • Berrijam
LiteLLM and Berri AI: LiteLLM infected with credential-stealing code via Trivy
Malicious Code Injection in LiteLLM Leads to PyPI Removal
732
CRITICAL-22
BERLIT1774384560
Malicious Code Injection in LiteLLM Leads to PyPI Removal
Two versions of LiteLLM (v1.82.7 and v1.82.8), an open-source interface for accessing multiple large language models, were removed from the Python Package Index (PyPI) after a supply chain attack inserted credential-stealing malware into the package.
The compromise stemmed from a misconfiguration in Trivy, an open-source vulnerability scanner maintained by Aqua Security, which was used in LiteLLM’s CI/CD pipeline. Attackers, identified as TeamPCP, exploited the flaw in late February to steal a privileged access token from Trivy’s GitHub Actions environment. Using the stolen credentials, they published malicious versions of Trivy (v0.69.4, v0.69.5, and v0.69.6) on March 19 and 22, including DockerHub images.
The attackers employed a sophisticated technique, modifying existing version tags in Trivy’s GitHub Action scripts to inject malicious code into workflows. Since many CI/CD pipelines rely on version tags rather than pinned commits, the changes went unnoticed, allowing the malware to execute undetected.
Krrish Dholakia, CEO of Berri AI (LiteLLM’s maintainer), confirmed that the attackers obtained LiteLLM’s PYPI_PUBLISH token, stored as an `.env` variable in the project’s GitHub repository, and used it to push the compromised versions. While LiteLLM accounts had 2FA enabled, the stolen token bypassed this protection. The team has since revoked all PyPI publishing tokens and is evaluating security improvements, including JWT-based trusted publishing and migrating to a new PyPI account.
Adding to the disruption, the GitHub vulnerability report for LiteLLM was targeted with a spam attack, flooding the discussion with AI-generated comments like "Thanks, that helped!" to obscure legitimate updates. Security researcher Rami McCarthy noted that 19 of the 25 spam accounts were also involved in the earlier Trivy campaign.
The Python Packaging Authority (PyPA) issued a security advisory, warning users who installed the affected LiteLLM versions to assume credential exposure and rotate any secrets accessible to the environment.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
FEBRUARY 2026
754
JANUARY 2026
754
DECEMBER 2025
754
NOVEMBER 2025
754
OCTOBER 2025
754
SEPTEMBER 2025
754
AUGUST 2025
754
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for Berrijam ??
What was Berrijam's A.I Rankiteo Cyber Score in June 2026 ??
What was Berrijam's A.I Rankiteo Cyber Score in May 2026 ??
What was Berrijam's A.I Rankiteo Cyber Score in April 2026 ??
What was Berrijam's A.I Rankiteo Cyber Score in March 2026 ??
What was Berrijam's A.I Rankiteo Cyber Score in February 2026 ??
What was Berrijam's A.I Rankiteo Cyber Score in January 2026 ??
What was Berrijam's A.I Rankiteo Cyber Score in December 2025 ??
What was Berrijam's A.I Rankiteo Cyber Score in November 2025 ??
What was Berrijam's A.I Rankiteo Cyber Score in October 2025 ??
What was Berrijam's A.I Rankiteo Cyber Score in September 2025 ??
What was Berrijam's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on Berrijam's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with Berrijam ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view Berrijam's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?