Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
Berrijam

Berrijam Vendor Cyber Rating & Cyber Score

berrijam.com

Berrijam's unique AI platforms and services are designed to empower you. We provide AI-driven insights and predictions, so you can make smarter decisions, faster! We do this by maximizing your data's potential, so you can zero in on factors and segments that are crucial to your business goals, thereby optimizing your time and resources. Our Mission at Berrijam is to bring equity to AI by making it simple, accessible and affordable. #NoCodeAI #AI #ML #DataScience


Berrijam A.I CyberSecurity Scoring

Berrijam
Company Information
Website:https://berrijam.com
Employees number:13
Number of followers:336
NAICS:518
Industry Type:Data Infrastructure and Analytics
Homepage:berrijam.com
Berrijam Risk Score (AI oriented)
Between 700 and 749
logo
BerrijamData Infrastructure and Analytics
Updated:
24/03/2026
732/1000
Moderate
Ba
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
Berrijam Global Score (TPRM)
xxxx
logo
BerrijamData Infrastructure and Analytics
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

Berrijam
BerrijamModerate
Current Score
732Ba (MODERATE)
01000
1 incidents
-22 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
734Before Incident
JUNE 2026
734Before Incident
MAY 2026
734Before Incident
APRIL 2026
733Before Incident
MARCH 2026
754Before Incident
Cyber Attack
19 Mar 2026Berrijam
LiteLLM and Berri AI: LiteLLM infected with credential-stealing code via Trivy

Malicious Code Injection in LiteLLM Leads to PyPI Removal

732After Incident
CRITICAL-22
BERLIT1774384560
Malicious Code Injection in LiteLLM Leads to PyPI Removal Two versions of LiteLLM (v1.82.7 and v1.82.8), an open-source interface for accessing multiple large language models, were removed from the Python Package Index (PyPI) after a supply chain attack inserted credential-stealing malware into the package. The compromise stemmed from a misconfiguration in Trivy, an open-source vulnerability scanner maintained by Aqua Security, which was used in LiteLLM’s CI/CD pipeline. Attackers, identified as TeamPCP, exploited the flaw in late February to steal a privileged access token from Trivy’s GitHub Actions environment. Using the stolen credentials, they published malicious versions of Trivy (v0.69.4, v0.69.5, and v0.69.6) on March 19 and 22, including DockerHub images. The attackers employed a sophisticated technique, modifying existing version tags in Trivy’s GitHub Action scripts to inject malicious code into workflows. Since many CI/CD pipelines rely on version tags rather than pinned commits, the changes went unnoticed, allowing the malware to execute undetected. Krrish Dholakia, CEO of Berri AI (LiteLLM’s maintainer), confirmed that the attackers obtained LiteLLM’s PYPI_PUBLISH token, stored as an `.env` variable in the project’s GitHub repository, and used it to push the compromised versions. While LiteLLM accounts had 2FA enabled, the stolen token bypassed this protection. The team has since revoked all PyPI publishing tokens and is evaluating security improvements, including JWT-based trusted publishing and migrating to a new PyPI account. Adding to the disruption, the GitHub vulnerability report for LiteLLM was targeted with a spam attack, flooding the discussion with AI-generated comments like "Thanks, that helped!" to obscure legitimate updates. Security researcher Rami McCarthy noted that 19 of the 25 spam accounts were also involved in the earlier Trivy campaign. The Python Packaging Authority (PyPA) issued a security advisory, warning users who installed the affected LiteLLM versions to assume credential exposure and rotate any secrets accessible to the environment.
INCIDENT DETAILS -
TYPE
Supply Chain Attack
IMPACT
Data Compromised: Credentials (PYPI_PUBLISH token)LiteLLM package (v1.82.7, v1.82.8)Trivy (v0.69.4, v0.69.5, v0.69.6)Operational Impact: PyPI package removal, credential rotation requiredBrand Reputation Impact: YesIdentity Theft Risk: Yes (credential exposure)
DATA BREACH
Type Of Data Compromised: Credentials (PYPI_PUBLISH token)Sensitivity Of Data: High (privileged access token)
FEBRUARY 2026
754Before Incident
JANUARY 2026
754Before Incident
DECEMBER 2025
754Before Incident
NOVEMBER 2025
754Before Incident
OCTOBER 2025
754Before Incident
SEPTEMBER 2025
754Before Incident
AUGUST 2025
754Before Incident

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for Berrijam ?
?
What was Berrijam's A.I Rankiteo Cyber Score in June 2026 ?
?
What was Berrijam's A.I Rankiteo Cyber Score in May 2026 ?
?
What was Berrijam's A.I Rankiteo Cyber Score in April 2026 ?
?
What was Berrijam's A.I Rankiteo Cyber Score in March 2026 ?
?
What was Berrijam's A.I Rankiteo Cyber Score in February 2026 ?
?
What was Berrijam's A.I Rankiteo Cyber Score in January 2026 ?
?
What was Berrijam's A.I Rankiteo Cyber Score in December 2025 ?
?
What was Berrijam's A.I Rankiteo Cyber Score in November 2025 ?
?
What was Berrijam's A.I Rankiteo Cyber Score in October 2025 ?
?
What was Berrijam's A.I Rankiteo Cyber Score in September 2025 ?
?
What was Berrijam's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on Berrijam's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with Berrijam ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view Berrijam's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?