LiteLLM, the popular AI gateway startup that helps developers route requests across multiple language model providers, has terminated its relationship with security compliance vendor Delve following a malware attack in which credential-stealing software compromised their systems. The breach occurred last week, affecting LiteLLM's infrastructure despite the company having obtained two security compliance certifications through Delve.
This incident highlights the growing security challenges facing AI infrastructure companies as they scale. LiteLLM has become a critical piece of infrastructure for thousands of developers who need to switch between OpenAI, Anthropic, Google, and other model providers without rewriting code. When a gateway like this gets compromised, it potentially exposes API keys and usage patterns for downstream applications: exactly the kind of supply chain risk that keeps CTOs awake at night.
The timing is particularly awkward given that LiteLLM likely paid Delve for those compliance certifications, only to discover their security partner couldn't protect them from basic credential theft. While the specific details of the malware remain unclear, the fact that it was described as "horrific" suggests this wasn't a sophisticated nation-state attack but rather a fundamental security failure that should have been prevented.
For developers using LiteLLM, this is a reminder to rotate your API keys and review what access you've granted to third-party services. The broader lesson: security compliance certificates are often just expensive paper if the underlying practices are flawed. As AI infrastructure becomes more critical, we need vendors who can actually deliver on security promises, not just check boxes.
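The key rotation the article recommends is easy to do badly: revoking the old key before the new one is installed leaves downstream applications without a working credential. The script below is an added example, not LiteLLM's or Delve's code, showing a no-gap rotation of a LiteLLM proxy virtual key: issue the replacement first, install it in the consumer's secret store, and only then revoke the old key (or roll back the new one if installation fails). It assumes the proxy's key management endpoints `POST /key/generate` and `POST /key/delete`, authenticated with the proxy master key; the base URL, key names and the in-memory `FakeProxy` are constructed so the routine runs offline.

```python
"""No-gap rotation of a LiteLLM proxy virtual key (added example, not project code).

Assumptions: the proxy exposes POST /key/generate (returns {"key": ...}) and
POST /key/delete (accepts {"keys": [...]}), both authenticated with the master
key via "Authorization: Bearer ...". The HTTP transport is injectable so the
rotation logic can be exercised offline against the constructed FakeProxy.
"""
import json
import secrets
import urllib.request
from typing import Any, Callable, Dict, Optional, Set

# transport(method, url, json_body) -> parsed JSON response
Transport = Callable[[str, str, Dict[str, Any]], Dict[str, Any]]


def urllib_transport(master_key: str) -> Transport:
    """Real transport: JSON over HTTPS to the proxy, authenticated with the master key."""
    def send(method: str, url: str, body: Dict[str, Any]) -> Dict[str, Any]:
        req = urllib.request.Request(
            url,
            data=json.dumps(body).encode(),
            method=method,
            headers={"Authorization": f"Bearer {master_key}",
                     "Content-Type": "application/json"},
        )
        with urllib.request.urlopen(req, timeout=15) as resp:
            return json.loads(resp.read())
    return send


def rotate_virtual_key(
    base_url: str,
    old_key: str,
    install_new_key: Callable[[str], bool],
    transport: Transport,
    key_settings: Optional[Dict[str, Any]] = None,
) -> Dict[str, str]:
    """Replace old_key with a fresh key while a valid key exists at every moment.

    1. Generate the replacement (old key is still valid).
    2. Hand the new key to install_new_key(), which updates the consumer's secret store.
    3. On success revoke the old key; on failure revoke the new key and keep the old one.
    """
    base = base_url.rstrip("/")
    generated = transport("POST", f"{base}/key/generate", dict(key_settings or {}))
    new_key = generated["key"]
    if install_new_key(new_key):
        transport("POST", f"{base}/key/delete", {"keys": [old_key]})
        return {"active": new_key, "revoked": old_key}
    # Rollback: the consumer never picked up the new key, so it must not linger as a live credential.
    transport("POST", f"{base}/key/delete", {"keys": [new_key]})
    return {"active": old_key, "revoked": new_key}


class FakeProxy:
    """Constructed in-memory stand-in for the two proxy endpoints (offline only)."""

    def __init__(self, existing_keys: Set[str]) -> None:
        self.keys: Set[str] = set(existing_keys)
        self.calls = []

    def transport(self, method: str, url: str, body: Dict[str, Any]) -> Dict[str, Any]:
        self.calls.append((method, url, body))
        if method == "POST" and url.endswith("/key/generate"):
            key = "sk-" + secrets.token_hex(8)
            self.keys.add(key)
            return {"key": key}
        if method == "POST" and url.endswith("/key/delete"):
            missing = [k for k in body["keys"] if k not in self.keys]
            if missing:
                raise ValueError(f"unknown keys: {missing}")
            for k in body["keys"]:
                self.keys.discard(k)
            return {"deleted_keys": body["keys"]}
        raise ValueError(f"unexpected request {method} {url}")


def demo(install_succeeds: bool = True):
    """Run one rotation against the fake proxy; returns (result, proxy, secret_store)."""
    proxy = FakeProxy({"sk-old-constructed"})
    store: Dict[str, str] = {}

    def install(key: str) -> bool:
        if not install_succeeds:
            return False  # simulates a failed write to the secret store
        store["LITELLM_KEY"] = key
        return True

    result = rotate_virtual_key("https://litellm.example.internal",
                                "sk-old-constructed", install, proxy.transport)
    return result, proxy, store


if __name__ == "__main__":
    print(demo(True)[0])
    print(demo(False)[0])
```

Against a real deployment, replace `proxy.transport` with `urllib_transport(master_key)` and make `install_new_key` write to wherever the application reads its key (a secrets manager, a Kubernetes secret, a CI variable), returning `True` only after the write is confirmed; the old key should be revoked by the rotation routine, never by hand beforehand.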
