{"id":13296,"date":"2026-04-07T10:00:30","date_gmt":"2026-04-07T06:00:30","guid":{"rendered":"https:\/\/me.kaspersky.com\/blog\/?p=13296"},"modified":"2026-04-06T17:45:03","modified_gmt":"2026-04-06T13:45:03","slug":"critical-supply-chain-attack-trivy-litellm-checkmarx-teampcp","status":"publish","type":"post","link":"https:\/\/me.kaspersky.com\/blog\/critical-supply-chain-attack-trivy-litellm-checkmarx-teampcp\/13296\/","title":{"rendered":"\u0647\u062c\u0648\u0645 \u0633\u0644\u0633\u0644\u0629 \u0627\u0644\u062a\u0648\u0631\u064a\u062f \u0639\u0628\u0631 Trivy \u0648LiteLLM: \u062d\u0645\u0627\u064a\u0629 \u0645\u0633\u0627\u0631 \u0627\u0644\u062a\u0643\u0627\u0645\u0644 \u0627\u0644\u0645\u0633\u062a\u0645\u0631 \/ \u0627\u0644\u0646\u0634\u0631 \u0627\u0644\u0645\u0633\u062a\u0645\u0631 (CI\/CD) \u0645\u0646 \u0627\u0644\u062b\u063a\u0631\u0629 CVE-2026-33634"},"content":{"rendered":"<p>\u062a\u0639\u062a\u0645\u062f \u0627\u0644\u0645\u0644\u0627\u064a\u064a\u0646 \u0645\u0646 \u0645\u0633\u0627\u0631\u0627\u062a \u062a\u0637\u0648\u064a\u0631 \u0627\u0644\u0628\u0631\u0627\u0645\u062c \u0627\u0644\u0645\u0624\u062a\u0645\u062a\u0629 \u0639\u0644\u0649 \u0623\u062f\u0648\u0627\u062a \u0623\u0645\u0646\u064a\u0629 \u2013 \u0645\u062b\u0644 Trivy \u0648Checkmarx AST \u2013 \u0627\u0644\u0645\u062f\u0645\u062c\u0629 \u0641\u064a \u0639\u0645\u0644\u064a\u0629 \u0627\u0644\u0625\u0646\u0634\u0627\u0621. 
\u0648\u0645\u0646 \u0627\u0644\u0645\u0641\u0627\u0631\u0642\u0629 \u0623\u0646 \u0647\u0630\u0647 \u0627\u0644\u062d\u0644\u0648\u0644 \u0627\u0644\u0645\u0648\u062b\u0648\u0642\u0629 \u062a\u062d\u062f\u064a\u062f\u064b\u0627 \u0647\u064a \u0627\u0644\u062a\u064a \u0623\u0635\u0628\u062d\u062a \u0645\u0624\u062e\u0631\u064b\u0627 \u0646\u0642\u0637\u0629 \u0627\u0644\u0627\u0646\u0637\u0644\u0627\u0642 \u0644\u0648\u0627\u062d\u062f \u0645\u0646 \u0623\u0643\u0628\u0631 \u0648\u0623\u062e\u0637\u0631 \u0647\u062c\u0645\u0627\u062a \u0633\u0644\u0633\u0644\u0629 \u0627\u0644\u062a\u0648\u0631\u064a\u062f \u0641\u064a \u0627\u0644\u062a\u0627\u0631\u064a\u062e \u0627\u0644\u062d\u062f\u064a\u062b. \u0648\u0646\u0646\u0627\u0642\u0634 \u0641\u064a \u0647\u0630\u0627 \u0627\u0644\u0645\u0642\u0627\u0644 \u0643\u064a\u0641\u064a\u0629 \u062a\u062f\u0642\u064a\u0642 \u0633\u064a\u0631 \u0627\u0644\u0639\u0645\u0644 \u0627\u0644\u0645\u0624\u062a\u0645\u062a \u0648\u062a\u0623\u0645\u064a\u0646 \u0627\u0644\u0628\u0646\u064a\u0629 \u0627\u0644\u062a\u062d\u062a\u064a\u0629 \u0627\u0644\u0633\u062d\u0627\u0628\u064a\u0629 \u0644\u0644\u0645\u0624\u0633\u0633\u0627\u062a.<\/p>\n<h2>\u0627\u0644\u0645\u062e\u0637\u0637 \u0627\u0644\u0632\u0645\u0646\u064a \u0644\u0644\u0647\u062c\u0648\u0645 \u0648\u0627\u0644\u0639\u0648\u0627\u0642\u0628 \u0627\u0644\u0645\u0639\u0631\u0648\u0641\u0629<\/h2>\n<p>\u0641\u064a 19 \u0645\u0627\u0631\u0633\u060c \u0646\u064f\u0641\u0630 \u0647\u062c\u0648\u0645 \u0633\u0644\u0633\u0644\u0629 \u062a\u0648\u0631\u064a\u062f \u0646\u0627\u062c\u062d \u0648\u0645\u0648\u062c\u0647 \u0639\u0628\u0631 \u0623\u062f\u0627\u0629 Trivy\u060c \u0648\u0647\u064a \u0623\u062f\u0627\u0629 \u0645\u0641\u062a\u0648\u062d\u0629 \u0627\u0644\u0645\u0635\u062f\u0631 \u0644\u0641\u062d\u0635 \u0627\u0644\u062b\u063a\u0631\u0627\u062a \u062a\u064f\u0633\u062a\u062e\u062f\u0645 \u0639\u0644\u0649 \u0646\u0637\u0627\u0642 \u0648\u0627\u0633\u0639 \u0641\u064a 
\u0645\u0633\u0627\u0631\u0627\u062a \u0627\u0644\u062a\u0643\u0627\u0645\u0644 \u0627\u0644\u0645\u0633\u062a\u0645\u0631 \/ \u0627\u0644\u0646\u0634\u0631 \u0627\u0644\u0645\u0633\u062a\u0645\u0631 (CI\/CD). \u0648\u0642\u062f \u062a\u0645\u0643\u0646 \u0627\u0644\u0645\u0647\u0627\u062c\u0645\u0648\u0646 \u2013 \u0648\u0647\u0645 \u0645\u062c\u0645\u0648\u0639\u0629 \u062a\u064f\u0639\u0631\u0641 \u0628\u0627\u0633\u0645 TeamPCP \u2013 \u0645\u0646 \u062d\u0642\u0646 \u0628\u0631\u0627\u0645\u062c \u0636\u0627\u0631\u0629 \u062f\u0627\u062e\u0644 \u0633\u064a\u0631 \u0639\u0645\u0644 GitHub Actions \u0627\u0644\u0631\u0633\u0645\u064a \u0648\u0635\u0648\u0631 Docker \u0627\u0644\u0645\u0631\u062a\u0628\u0637\u0629 \u0628\u062d\u0644 Trivy. \u0648\u0646\u062a\u064a\u062c\u0629 \u0644\u0630\u0644\u0643\u060c \u0623\u062f\u062a \u0643\u0644 \u0639\u0645\u0644\u064a\u0629 \u0641\u062d\u0635 \u0622\u0644\u064a \u0644\u0644\u0645\u0633\u0627\u0631\u0627\u062a \u0625\u0644\u0649 \u062a\u0641\u0639\u064a\u0644 \u0628\u0631\u0627\u0645\u062c \u0636\u0627\u0631\u0629 \u0633\u0631\u0642\u062a \u0645\u0641\u0627\u062a\u064a\u062d SSH\u060c \u0648\u0631\u0645\u0648\u0632 \u0627\u0644\u0648\u0635\u0648\u0644 \u0627\u0644\u0633\u062d\u0627\u0628\u064a\u060c \u0648\u0645\u062d\u0627\u0641\u0638 \u0627\u0644\u0639\u0645\u0644\u0627\u062a \u0627\u0644\u0645\u0634\u0641\u0631\u0629\u060c \u0648\u063a\u064a\u0631\u0647\u0627 \u0645\u0646 \u0627\u0644\u0628\u064a\u0627\u0646\u0627\u062a \u0627\u0644\u0642\u064a\u0645\u0629 \u0645\u0646 \u0627\u0644\u0623\u0646\u0638\u0645\u0629 \u0627\u0644\u0645\u062e\u062a\u0631\u0642\u0629. 
\u0648\u0646\u0638\u0631\u064b\u0627 \u0644\u062e\u0637\u0648\u0631\u0629 \u0627\u0644\u062d\u0627\u062f\u062b\u060c \u062e\u064f\u0635\u0635 \u0644\u0647 \u0627\u0644\u0645\u0639\u0631\u0641 <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2026-33634\">CVE-2026-33634<\/a>\u060c \u0645\u0639 \u062f\u0631\u062c\u0629 \u062e\u0637\u0648\u0631\u0629 CVSS4B \u0628\u0644\u063a\u062a 9.4\u060c \u0648\u0647\u064a \u062f\u0631\u062c\u0629 \u0642\u0631\u064a\u0628\u0629 \u0645\u0646 \u0627\u0644\u062d\u062f \u0627\u0644\u0623\u0642\u0635\u0649.<\/p>\n<p>\u0641\u064a \u0648\u0642\u062a \u0644\u0627\u062d\u0642 \u0645\u0646 \u0627\u0644\u064a\u0648\u0645 \u0646\u0641\u0633\u0647\u060c \u0627\u0643\u062a\u0634\u0641 \u0641\u0631\u064a\u0642 Trivy \u0627\u0644\u0647\u062c\u0648\u0645 \u0648\u0623\u0632\u0627\u0644 \u0627\u0644\u0645\u0644\u0641\u0627\u062a \u0627\u0644\u062e\u0628\u064a\u062b\u0629 \u0645\u0646 \u0642\u0646\u0648\u0627\u062a \u0627\u0644\u062a\u0648\u0632\u064a\u0639\u060c \u0645\u0645\u0627 \u0623\u062f\u0649 \u0625\u0644\u0649 \u0625\u064a\u0642\u0627\u0641 \u0647\u0630\u0647 \u0627\u0644\u0645\u0631\u062d\u0644\u0629 \u0645\u0646 \u0627\u0644\u0647\u062c\u0648\u0645. 
\u0648\u0645\u0639 \u0630\u0644\u0643\u060c \u0643\u0627\u0646 \u0627\u0644\u0645\u0647\u0627\u062c\u0645\u0648\u0646 \u0642\u062f \u062a\u0645\u0643\u0646\u0648\u0627 \u0628\u0627\u0644\u0641\u0639\u0644 \u0645\u0646 \u0627\u0644\u0648\u0635\u0648\u0644 \u0625\u0644\u0649 \u0628\u064a\u0626\u0627\u062a \u0627\u0644\u0639\u0645\u0644 \u0627\u0644\u062e\u0627\u0635\u0629 \u0628\u0627\u0644\u0643\u062b\u064a\u0631 \u0645\u0646 \u0645\u0633\u062a\u062e\u062f\u0645\u064a Trivy.<\/p>\n<p>\u0641\u064a 23 \u0645\u0627\u0631\u0633\u060c \u0643\u064f\u0634\u0641 <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.sysdig.com\/blog\/teampcp-expands-supply-chain-compromise-spreads-from-trivy-to-checkmarx-github-actions\">\u062d\u0627\u062f\u062b \u0645\u0645\u0627\u062b\u0644<\/a> \u0641\u064a \u0623\u062f\u0627\u0629 \u0623\u0645\u0646\u064a\u0629 \u0623\u062e\u0631\u0649 \u0644\u0644\u062a\u0637\u0628\u064a\u0642\u0627\u062a: \u0648\u0647\u064a \u0625\u062d\u062f\u0649 \u0625\u062c\u0631\u0627\u0621\u0627\u062a GitHub (GitHub Action) \u0627\u0644\u062e\u0627\u0635\u0629 \u0628\u0640 Checkmarx KICS\u060c \u0628\u0627\u0644\u0625\u0636\u0627\u0641\u0629 \u0625\u0644\u0649 Checkmarx AST. \u0648\u0628\u0639\u062f \u0645\u0631\u0648\u0631 \u062b\u0644\u0627\u062b \u0633\u0627\u0639\u0627\u062a\u060c \u0623\u064f\u0632\u064a\u0644\u062a \u0627\u0644\u062a\u0639\u0644\u064a\u0645\u0627\u062a \u0627\u0644\u0628\u0631\u0645\u062c\u064a\u0629 \u0627\u0644\u062e\u0628\u064a\u062b\u0629 \u0645\u0646 \u0647\u0646\u0627\u0643 \u0623\u064a\u0636\u064b\u0627. 
\u0648\u062a\u0645\u0643\u0646\u062a \u0643\u0630\u0644\u0643 \u0645\u062c\u0645\u0648\u0639\u0629 TeamPCP \u0645\u0646 \u0627\u062e\u062a\u0631\u0627\u0642 <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/x.com\/ReversingLabs\/status\/2036193573796978729?s=20\">\u0645\u0644\u062d\u0642\u0627\u062a OpenVSX<\/a> \u0627\u0644\u062a\u064a \u062a\u062f\u0639\u0645\u0647\u0627 Checkmarx\u060c \u0648\u062a\u062d\u062f\u064a\u062f\u064b\u0627 <em>cx-dev-assist 1.7.0<\/em> \u0648<em>ast-results<\/em>. \u0648\u062a\u062a\u0636\u0627\u0631\u0628 \u0627\u0644\u062a\u0642\u0627\u0631\u064a\u0631 \u062d\u0648\u0644 \u0627\u0644\u062a\u0648\u0642\u064a\u062a \u0627\u0644\u0630\u064a \u062a\u0645 \u0641\u064a\u0647 \u062d\u0644 \u0647\u0630\u0627 \u0627\u0644\u062c\u0632\u0621 \u0645\u0646 \u0627\u0644\u062d\u0627\u062f\u062b.<\/p>\n<p>\u0641\u064a 24 \u0645\u0627\u0631\u0633\u060c \u062a\u0639\u0631\u0636 \u0645\u0634\u0631\u0648\u0639 \u0634\u0647\u064a\u0631 \u064a\u0633\u062a\u062e\u062f\u0645 \u0641\u062d\u0635 \u0627\u0644\u062a\u0639\u0644\u064a\u0645\u0627\u062a \u0627\u0644\u0628\u0631\u0645\u062c\u064a\u0629 \u0639\u0628\u0631 Trivy \u0644\u0644\u0647\u062c\u0648\u0645 \u2013 \u0648\u0647\u0648 \u0628\u0648\u0627\u0628\u0629 \u0627\u0644\u0630\u0643\u0627\u0621 \u0627\u0644\u0627\u0635\u0637\u0646\u0627\u0639\u064a LiteLLM\u060c \u0648\u0647\u064a \u0645\u0643\u062a\u0628\u0629 \u0639\u0627\u0644\u0645\u064a\u0629 \u0644\u0644\u0648\u0635\u0648\u0644 \u0625\u0644\u0649 \u0645\u0632\u0648\u062f\u064a \u0646\u0645\u0627\u0630\u062c \u0627\u0644\u0644\u063a\u0629 \u0627\u0644\u0643\u0628\u064a\u0631\u0629 (LLM) \u0627\u0644\u0645\u062e\u062a\u0644\u0641\u064a\u0646. \u0648\u062a\u0645 \u0627\u062e\u062a\u0631\u0627\u0642 \u0627\u0644\u0625\u0635\u062f\u0627\u0631\u064a\u0646 1.82.7 \u06481.82.8 \u0627\u0644\u0644\u0630\u064a\u0646 \u0631\u064f\u0641\u0639\u0627 \u0625\u0644\u0649 \u0645\u0633\u062a\u0648\u062f\u0639 PyPI. 
\u0648\u0638\u0644\u062a \u0647\u0630\u0647 \u0627\u0644\u0625\u0635\u062f\u0627\u0631\u0627\u062a \u0645\u062a\u0627\u062d\u0629 \u0644\u0644\u062c\u0645\u0647\u0648\u0631 \u0644\u0645\u062f\u0629 \u062e\u0645\u0633 \u0633\u0627\u0639\u0627\u062a \u062a\u0642\u0631\u064a\u0628\u064b\u0627.<\/p>\n<p>\u0644\u0643\u0646 \u062d\u0642\u064a\u0642\u0629 \u0623\u0646 \u0627\u0644\u0647\u062c\u0648\u0645 \u0627\u0633\u062a\u0645\u0631 \u0644\u0628\u0636\u0639 \u0633\u0627\u0639\u0627\u062a \u0641\u0642\u0637 \u0644\u064a\u0633\u062a \u0633\u0628\u0628\u064b\u0627 \u0644\u0644\u062a\u063a\u0627\u0636\u064a \u0639\u0646\u0647. \u0648\u0646\u0638\u0631\u064b\u0627 \u0644\u0634\u0639\u0628\u064a\u0629 \u0627\u0644\u0645\u0634\u0627\u0631\u064a\u0639 \u0627\u0644\u0645\u062a\u0636\u0631\u0631\u0629\u060c \u0643\u0627\u0646 \u0645\u0646 \u0627\u0644\u0645\u0645\u0643\u0646 \u062a\u0646\u0641\u064a\u0630 \u0627\u0644\u062a\u0639\u0644\u064a\u0645\u0627\u062a \u0627\u0644\u0628\u0631\u0645\u062c\u064a\u0629 \u0627\u0644\u0636\u0627\u0631\u0629 \u0622\u0644\u0627\u0641\u064b\u0627 \u0645\u0646 \u0627\u0644\u0645\u0631\u0627\u062a \u2013 \u0628\u0645\u0627 \u0641\u064a \u0630\u0644\u0643 \u062f\u0627\u062e\u0644 \u0627\u0644\u0628\u0646\u064a\u0629 \u0627\u0644\u062a\u062d\u062a\u064a\u0629 \u0644\u0634\u0631\u0643\u0627\u062a \u0643\u0628\u0631\u0649 \u062c\u062f\u064b\u0627.<\/p>\n<p>\u0623\u062a\u0627\u062d \u0630\u0644\u0643 \u0644\u0644\u0645\u0647\u0627\u062c\u0645\u064a\u0646 \u0646\u0634\u0631 \u0623\u0628\u0648\u0627\u0628 \u062e\u0644\u0641\u064a\u0629 \u062f\u0627\u0626\u0645\u0629 \u0641\u064a \u0645\u062c\u0645\u0648\u0639\u0627\u062a Kubernetes\u060c \u0641\u0636\u0644\u064b\u0627 \u0639\u0646 \u0625\u0637\u0644\u0627\u0642 \u0641\u064a\u0631\u0648\u0633 <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.stepsecurity.io\/blog\/canisterworm-how-a-self-propagating-npm-worm-is-spreading-backdoors-across-the-ecosystem\">CanisterWorm<\/a> 
\u0630\u0627\u062a\u064a \u0627\u0644\u062a\u0643\u0627\u062b\u0631 \u0639\u0628\u0631 \u0645\u0646\u0638\u0648\u0645\u0629 npm \u0627\u0644\u062e\u0627\u0635\u0629 \u0628\u0644\u063a\u0629 JavaScript.<\/p>\n<p>\u062a\u062a\u0645\u062a\u0639 \u0627\u0644\u062a\u0639\u0644\u064a\u0645\u0627\u062a \u0627\u0644\u0628\u0631\u0645\u062c\u064a\u0629 \u0627\u0644\u062e\u0627\u0635\u0629 \u0628\u0627\u0644\u0645\u0647\u0627\u062c\u0645\u064a\u0646 <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.aikido.dev\/blog\/teampcp-stage-payload-canisterworm-iran\">\u0628\u0642\u062f\u0631\u0627\u062a \u062a\u062f\u0645\u064a\u0631\u064a\u0629<\/a> \u062a\u0624\u062f\u064a \u0625\u0644\u0649 \u0645\u062d\u0648 \u0645\u062c\u0645\u0648\u0639\u0627\u062a Kubernetes \u0648\u062c\u0645\u064a\u0639 \u0639\u0642\u062f\u0647\u0627 \u062a\u0645\u0627\u0645\u064b\u0627 \u0641\u064a \u062d\u0627\u0644 \u0627\u0643\u062a\u0634\u0627\u0641\u0647\u0627 \u0625\u0645\u0627 \u0627\u0644\u062a\u0648\u0642\u064a\u062a \u0627\u0644\u0632\u0645\u0646\u064a \u0644\u0645\u062f\u064a\u0646\u0629 \u0637\u0647\u0631\u0627\u0646\u060c \u0623\u0648 \u0627\u0644\u0644\u063a\u0629 \u0627\u0644\u0641\u0627\u0631\u0633\u064a\u0629 \u0628\u0635\u0641\u062a\u0647\u0627 \u0644\u063a\u0629 \u0623\u0633\u0627\u0633\u064a\u0629 \u0641\u064a \u0627\u0644\u0646\u0638\u0627\u0645 \u0627\u0644\u0645\u062e\u062a\u0631\u0642. 
\u0648\u0641\u064a \u0645\u0646\u0627\u0637\u0642 \u0623\u062e\u0631\u0649\u060c \u062a\u0643\u062a\u0641\u064a \u0627\u0644\u0628\u0631\u0627\u0645\u062c \u0627\u0644\u0636\u0627\u0631\u0629 \u0628\u0633\u0631\u0642\u0629 \u0627\u0644\u0628\u064a\u0627\u0646\u0627\u062a \u0628\u0627\u0633\u062a\u062e\u062f\u0627\u0645 \u0641\u064a\u0631\u0648\u0633 CanisterWorm.<\/p>\n<p>\u0648\u0641\u0642\u064b\u0627 \u0644\u0644\u062e\u0628\u0631\u0627\u0621\u060c \u064a\u064f\u0639\u062a\u0628\u0631 \u0623\u0643\u062b\u0631 \u0645\u0646 20000 \u0645\u0633\u062a\u0648\u062f\u0639 \u0628\u0631\u0627\u0645\u062c \u0639\u0631\u0636\u0629 \u0644\u0644\u062e\u0637\u0631 \u0627\u0644\u0645\u062d\u062a\u0645\u0644. \u0648\u064a\u062f\u0639\u064a \u0627\u0644\u0645\u0647\u0627\u062c\u0645\u0648\u0646 \u0623\u0646\u0647\u0645 \u0633\u0631\u0642\u0648\u0627 \u0645\u0626\u0627\u062a \u0627\u0644\u062c\u064a\u062c\u0627\u0628\u0627\u064a\u062a \u0645\u0646 \u0627\u0644\u0628\u064a\u0627\u0646\u0627\u062a \u0648<a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/popular-litellm-pypi-package-compromised-in-teampcp-supply-chain-attack\/\">\u0623\u0643\u062b\u0631 \u0645\u0646 \u0646\u0635\u0641 \u0645\u0644\u064a\u0648\u0646 \u062d\u0633\u0627\u0628<\/a>.<\/p>\n<h2>\u0643\u064a\u0641 \u062a\u0639\u0631\u0636 Trivy \u0644\u0644\u0647\u062c\u0648\u0645<\/h2>\n<p>\u0644\u0627\u062e\u062a\u0631\u0627\u0642 Trivy\u060c \u0627\u0633\u062a\u062e\u062f\u0645 \u0627\u0644\u0645\u0647\u0627\u062c\u0645\u0648\u0646 \u0628\u064a\u0627\u0646\u0627\u062a \u0627\u0639\u062a\u0645\u0627\u062f \u0633\u064f\u0631\u0642\u062a \u0641\u064a \u062d\u0627\u062f\u062b \u0633\u0627\u0628\u0642. 
\u0648\u064a\u0628\u062f\u0648 \u0623\u0646 <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/cybernews.com\/security\/claude-powered-ai-bot-compromises-five-github-repositories\/\">\u0627\u062e\u062a\u0631\u0627\u0642 Trivy \u0627\u0644\u0633\u0627\u0628\u0642<\/a>\u060c \u0627\u0644\u0630\u064a \u0648\u0642\u0639 \u0641\u064a \u0623\u0648\u0627\u062e\u0631 \u0641\u0628\u0631\u0627\u064a\u0631\u060c \u0644\u0645 \u064a\u062a\u0645 \u0627\u062d\u062a\u0648\u0627\u0624\u0647 \u0643\u0644\u064a\u064b\u0627\u060c \u062d\u064a\u062b \u0639\u0627\u062f\u062a \u0645\u062c\u0645\u0648\u0639\u0629 TeamPCP \u0646\u0641\u0633\u0647\u0627 \u0644\u0634\u0646 \u0647\u062c\u0648\u0645 \u062c\u062f\u064a\u062f. \u0648<a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/github.com\/aquasecurity\/trivy\/discussions\/10425\">\u064a\u0631\u062c\u062d<\/a> \u0645\u0637\u0648\u0631\u0648 Trivy \u0641\u064a \u0634\u0631\u0643\u0629 Aqua Security \u0623\u0646\u0647 \u0646\u0638\u0631\u064b\u0627 \u0644\u0625\u0644\u063a\u0627\u0621 \u0628\u064a\u0627\u0646\u0627\u062a \u0627\u0644\u0627\u0639\u062a\u0645\u0627\u062f \u062a\u062f\u0631\u064a\u062c\u064a\u0651\u064b\u0627 \u0639\u0642\u0628 \u0627\u0644\u062d\u0627\u062f\u062b \u0627\u0644\u0633\u0627\u0628\u0642\u060c \u062a\u0645\u0643\u0646 \u0627\u0644\u0645\u0647\u0627\u062c\u0645\u0648\u0646 \u0645\u0646 \u0625\u0646\u0634\u0627\u0621 \u0631\u0645\u0648\u0632 \u0648\u0635\u0648\u0644 \u062c\u062f\u064a\u062f\u0629 \u0644\u0623\u0646\u0641\u0633\u0647\u0645 \u0642\u0628\u0644 \u0625\u0644\u063a\u0627\u0621 \u0627\u0644\u0631\u0645\u0648\u0632 \u0627\u0644\u0642\u062f\u064a\u0645\u0629 \u0627\u0644\u0645\u062e\u062a\u0631\u0642\u0629.<\/p>\n<p>\u0646\u062a\u064a\u062c\u0629 \u0644\u0630\u0644\u0643\u060c \u062a\u0645\u0643\u0646\u062a \u0645\u062c\u0645\u0648\u0639\u0629 TeamPCP \u0645\u0646 \u0627\u062e\u062a\u0631\u0627\u0642 \u0625\u062c\u0631\u0627\u0621\u0627\u062a GitHub 
\u0627\u0644\u0645\u0633\u062a\u062e\u062f\u0645\u0629 \u0641\u064a \u0645\u0633\u0627\u0631\u0627\u062a \u0627\u0644\u062a\u0643\u0627\u0645\u0644 \u0627\u0644\u0645\u0633\u062a\u0645\u0631 \/ \u0627\u0644\u0646\u0634\u0631 \u0627\u0644\u0645\u0633\u062a\u0645\u0631 (CI\/CD). \u0648\u0628\u0627\u0633\u062a\u062e\u062f\u0627\u0645 \u0628\u064a\u0627\u0646\u0627\u062a \u0627\u0639\u062a\u0645\u0627\u062f \u062a\u0645\u0646\u062d \u0635\u0644\u0627\u062d\u064a\u0627\u062a \u0643\u062a\u0627\u0628\u0629 \u0627\u0644\u0639\u0644\u0627\u0645\u0627\u062a\u060c \u0623\u0639\u0627\u062f \u0627\u0644\u0645\u0647\u0627\u062c\u0645\u0648\u0646 \u0643\u062a\u0627\u0628\u0629 76 \u0639\u0644\u0627\u0645\u0629 \u0625\u0635\u062f\u0627\u0631 \u0645\u0646 \u0623\u0635\u0644 77 \u0641\u064a \u0645\u0633\u062a\u0648\u062f\u0639 aquasecurity\/trivy-action \u0642\u0633\u0631\u064a\u064b\u0627\u060c \u0628\u0627\u0644\u0625\u0636\u0627\u0641\u0629 \u0625\u0644\u0649 \u062c\u0645\u064a\u0639 \u0627\u0644\u0639\u0644\u0627\u0645\u0627\u062a \u0627\u0644\u0633\u0628\u0639 \u0641\u064a aquasecurity\/setup-trivy\u060c \u0645\u0645\u0627 \u0623\u062f\u0649 \u0625\u0644\u0649 \u0625\u0639\u0627\u062f\u0629 \u062a\u0648\u062c\u064a\u0647 \u0627\u0644\u0625\u0635\u062f\u0627\u0631\u0627\u062a \u0627\u0644\u0645\u0648\u062b\u0648\u0642\u0629 \u0627\u0644\u062d\u0627\u0644\u064a\u0629 \u0625\u0644\u0649 \u0625\u064a\u062f\u0627\u0639\u0627\u062a \u0636\u0627\u0631\u0629. \u0648\u062a\u0634\u0628\u0647 \u0647\u0630\u0647 \u0627\u0644\u0637\u0631\u064a\u0642\u0629 \u0627\u0644\u062a\u0643\u062a\u064a\u0643\u0627\u062a \u0627\u0644\u062a\u064a \u0631\u064f\u0635\u062f\u062a \u0641\u064a <a target=\"_blank\" href=\"https:\/\/securelist.com\/shai-hulud-2-0\/118214\/\" rel=\"noopener\">\u062d\u0645\u0644\u0629 Shai-Hulud 2.0<\/a>. 
\u0648\u0646\u062a\u064a\u062c\u0629 \u0644\u0647\u0630\u0627\u060c \u0628\u062f\u0623\u062a \u062a\u062f\u0641\u0642\u0627\u062a \u0627\u0644\u0639\u0645\u0644 \u0639\u0628\u0631 \u0627\u0644\u0645\u0633\u0627\u0631 \u0628\u0627\u0644\u0643\u0627\u0645\u0644 \u0641\u064a \u062a\u0646\u0641\u064a\u0630 \u0627\u0644\u062a\u0639\u0644\u064a\u0645\u0627\u062a \u0627\u0644\u0628\u0631\u0645\u062c\u064a\u0629 \u0627\u0644\u062e\u0627\u0635\u0629 \u0628\u0627\u0644\u0645\u0647\u0627\u062c\u0645\u064a\u0646\u060c \u0641\u064a \u062d\u064a\u0646 \u0644\u0645 \u062a\u0638\u0647\u0631 \u0627\u0644\u0628\u064a\u0627\u0646\u0627\u062a \u0627\u0644\u0648\u0635\u0641\u064a\u0629 \u0644\u0644\u0625\u0635\u062f\u0627\u0631 \u0623\u064a \u062a\u063a\u064a\u064a\u0631\u0627\u062a \u0645\u0631\u0626\u064a\u0629.<\/p>\n<p>\u0641\u064a \u0627\u0644\u0648\u0642\u062a \u0630\u0627\u062a\u0647\u060c \u0646\u0634\u0631 \u0627\u0644\u0645\u0647\u0627\u062c\u0645\u0648\u0646 \u0645\u0644\u0641\u064b\u0627 \u062b\u0646\u0627\u0626\u064a\u064b\u0627 \u0645\u0635\u0627\u0628\u064b\u0627 \u0645\u0646 \u0623\u062f\u0627\u0629 Trivy (\u0627\u0644\u0625\u0635\u062f\u0627\u0631 v0.69.4) \u0639\u0628\u0631 \u0642\u0646\u0648\u0627\u062a \u0627\u0644\u062a\u0648\u0632\u064a\u0639 \u0627\u0644\u0631\u0633\u0645\u064a\u0629\u060c \u0628\u0645\u0627 \u0641\u064a \u0630\u0644\u0643 \u0625\u0635\u062f\u0627\u0631\u0627\u062a GitHub \u0648\u0633\u062c\u0644\u0627\u062a \u0627\u0644\u062d\u0627\u0648\u064a\u0627\u062a.<\/p>\n<h2>\u0627\u062e\u062a\u0631\u0627\u0642 LiteLLM<\/h2>\n<p>\u0642\u062f \u064a\u062a\u0633\u0628\u0628 \u0627\u062e\u062a\u0631\u0627\u0642 \u0623\u062f\u0627\u0629 LiteLLM \u0627\u0644\u0634\u0647\u064a\u0631\u0629 \u2013 \u0627\u0644\u0645\u062e\u0635\u0635\u0629 \u0644\u0644\u0648\u0635\u0648\u0644 \u0625\u0644\u0649 \u0646\u0645\u0627\u0630\u062c \u0627\u0644\u0644\u063a\u0627\u062a \u2013 \u0641\u064a \u062d\u062f \u0630\u0627\u062a\u0647 \u0641\u064a \u0645\u0648\u062c\u0629 
\u0643\u0628\u0631\u0649 \u0645\u0646 \u0627\u0644\u0647\u062c\u0645\u0627\u062a \u0639\u0628\u0631 \u0633\u0644\u0633\u0644\u0629 \u0627\u0644\u0645\u0634\u0627\u0631\u064a\u0639 \u0627\u0644\u062a\u064a \u062a\u0633\u062a\u062e\u062f\u0645 \u0627\u0644\u0623\u062f\u0627\u0629. \u0648\u0648\u0642\u0639 \u0627\u0644\u0647\u062c\u0648\u0645 \u0641\u064a 24 \u0645\u0627\u0631\u0633 2026\u060c \u0639\u0646\u062f\u0645\u0627 \u0646\u0634\u0631\u062a \u0645\u062c\u0645\u0648\u0639\u0629 TeamPCP \u0646\u0633\u062e\u064b\u0627 \u0636\u0627\u0631\u0629 \u0645\u0646 \u0627\u0644\u0645\u0643\u062a\u0628\u0629 (1.82.7 \u06481.82.8) \u0639\u0644\u0649 \u0645\u0633\u062a\u0648\u062f\u0639 PyPI \u0645\u0628\u0627\u0634\u0631\u0629\u064b. \u0648\u0641\u064a \u0627\u0644\u0641\u062a\u0631\u0629 \u0645\u0627 \u0628\u064a\u0646 \u0627\u0644\u0633\u0627\u0639\u0629 10:39 \u0648\u0627\u0644\u0633\u0627\u0639\u0629 16:00 (\u0628\u0627\u0644\u062a\u0648\u0642\u064a\u062a \u0627\u0644\u0639\u0627\u0644\u0645\u064a \u0627\u0644\u0645\u0646\u0633\u0642)\u060c \u0627\u062d\u062a\u0648\u062a \u0647\u0630\u0647 \u0627\u0644\u062d\u0632\u0645 \u0627\u0644\u0645\u062e\u062a\u0631\u0642\u0629 \u0639\u0644\u0649 \u0628\u0631\u0627\u0645\u062c \u0636\u0627\u0631\u0629 \u0644\u0633\u0631\u0642\u0629 \u0628\u064a\u0627\u0646\u0627\u062a \u0627\u0644\u0627\u0639\u062a\u0645\u0627\u062f. \u0648\u0632\u064f\u0631\u0639\u062a \u062f\u0627\u062e\u0644 \u0645\u0644\u0641 <em>proxy_server.py<\/em>\u060c \u0643\u0645\u0627 \u062a\u0636\u0645\u0646 \u0627\u0644\u0625\u0635\u062f\u0627\u0631 1.82.8 \u0645\u0644\u0641 <em>litellm_init<\/em> \u0636\u0627\u0631\u064b\u0627 \u0623\u064a\u0636\u064b\u0627. 
\u0648\u062a\u0645 \u062a\u0633\u0631\u064a\u0628 \u0627\u0644\u0628\u064a\u0627\u0646\u0627\u062a \u0627\u0644\u0645\u0633\u0631\u0648\u0642\u0629 \u0625\u0644\u0649 \u062e\u0627\u062f\u0645 \u064a\u062f\u0639\u0649 <em>models.litellm[.]cloud<\/em>.<\/p>\n<p>\u0644\u0645 \u064a\u062a\u0623\u062b\u0631 \u0627\u0644\u0639\u0645\u0644\u0627\u0621 \u0627\u0644\u0630\u064a\u0646 \u064a\u0633\u062a\u062e\u062f\u0645\u0648\u0646 LiteLLM Cloud \u0623\u0648 \u0635\u0648\u0631\u0629 Docker \u0627\u0644\u0631\u0633\u0645\u064a\u0629 \u0644\u0646\u0645\u0648\u0630\u062c LiteLLM Proxy\u060c \u0648\u0630\u0644\u0643 \u0628\u0641\u0636\u0644 \u0633\u064a\u0627\u0633\u0629 \u0627\u0644\u062a\u062b\u0628\u064a\u062a \u0627\u0644\u0635\u0627\u0631\u0645 \u0644\u0644\u0625\u0635\u062f\u0627\u0631\u0627\u062a\u060c \u0648\u0641\u064a \u0627\u0644\u0645\u0642\u0627\u0628\u0644\u060c \u062a\u0639\u0631\u0636 \u0627\u0644\u0645\u0637\u0648\u0631\u0648\u0646 \u0648\u0627\u0644\u0645\u0634\u0627\u0631\u064a\u0639 \u0627\u0644\u062a\u0627\u0628\u0639\u0629 \u0627\u0644\u062a\u064a \u0642\u0627\u0645\u062a \u0628\u062a\u062b\u0628\u064a\u062a \u0625\u0635\u062f\u0627\u0631\u0627\u062a \u063a\u064a\u0631 \u0645\u062d\u062f\u062f\u0629 \u0639\u0628\u0631 pip \u062e\u0644\u0627\u0644 \u0627\u0644\u0646\u0627\u0641\u0630\u0629 \u0627\u0644\u0632\u0645\u0646\u064a\u0629 \u0627\u0644\u0645\u0630\u0643\u0648\u0631\u0629 \u0644\u0644\u0627\u062e\u062a\u0631\u0627\u0642.<\/p>\n<p>\u0641\u064a \u063a\u0636\u0648\u0646 \u062b\u0644\u0627\u062b \u0633\u0627\u0639\u0627\u062a\u060c \u0623\u064f\u0632\u064a\u0644\u062a \u0627\u0644\u062d\u0632\u0645 \u0627\u0644\u062e\u0628\u064a\u062b\u0629 \u0645\u0646 \u0645\u0633\u062a\u0648\u062f\u0639 PyPI\u060c \u0643\u0645\u0627 \u0639\u0644\u0651\u0642 \u0641\u0631\u064a\u0642 LiteLLM \u0627\u0644\u0625\u0635\u062f\u0627\u0631\u0627\u062a \u0627\u0644\u062c\u062f\u064a\u062f\u0629\u060c \u0648\u0642\u0627\u0645 \u0628\u062a\u063a\u064a\u064a\u0631 
\u0628\u064a\u0627\u0646\u0627\u062a \u0627\u0644\u0627\u0639\u062a\u0645\u0627\u062f\u060c \u0648\u0628\u062f\u0623 \u0639\u0645\u0644\u064a\u0629 \u0627\u0633\u062a\u062c\u0627\u0628\u0629 \u062e\u0627\u0631\u062c\u064a\u0629 \u0644\u0644\u062d\u0627\u062f\u062b. \u0648\u062a\u064f\u0646\u0635\u062d \u0627\u0644\u0641\u0631\u0642 \u0627\u0644\u062a\u064a \u062a\u0633\u062a\u062e\u062f\u0645 LiteLLM \u0641\u064a \u0645\u0634\u0627\u0631\u064a\u0639\u0647\u0627 \u0628\u0627\u0644\u062a\u062d\u0642\u0642 \u0627\u0644\u0641\u0648\u0631\u064a \u0645\u0646 \u0645\u0624\u0634\u0631 \u0627\u0644\u0627\u062e\u062a\u0631\u0627\u0642 <em>litellm_init.pth<\/em>\u060c \u0648\u062a\u063a\u064a\u064a\u0631 \u062c\u0645\u064a\u0639 \u0627\u0644\u0623\u0633\u0631\u0627\u0631 \u0627\u0644\u0628\u0631\u0645\u062c\u064a\u0629 \u0627\u0644\u062a\u064a \u064a\u064f\u062d\u062a\u0645\u0644 \u062a\u0633\u0631\u064a\u0628\u0647\u0627 \u062f\u0648\u0631\u064a\u064b\u0627.<\/p>\n<h2>\u062e\u0635\u0627\u0626\u0635 \u0627\u0644\u0628\u0631\u0646\u0627\u0645\u062c \u0627\u0644\u0636\u0627\u0631 TeamPCP Cloud Stealer<\/h2>\n<p>\u0623\u0636\u0627\u0641 \u0627\u0644\u0645\u0647\u0627\u062c\u0645\u0648\u0646 \u0645\u0646\u0637\u0642\u064b\u0627 \u062c\u062f\u064a\u062f\u064b\u0627 \u0625\u0644\u0649 \u0625\u062c\u0631\u0627\u0621\u0627\u062a GitHub \u0648\u0627\u0644\u0645\u0644\u0641 \u0627\u0644\u0642\u0627\u0628\u0644 \u0644\u0644\u062a\u0646\u0641\u064a\u0630 \u0644\u062d\u0644 Trivy \u0645\u0639 \u0627\u0644\u062d\u0641\u0627\u0638 \u0639\u0644\u0649 \u0627\u0644\u0648\u0638\u0627\u0626\u0641 \u0627\u0644\u0623\u0635\u0644\u064a\u0629 \u0644\u0644\u0623\u062f\u0627\u0629. 
\u0648\u0628\u062f\u062a \u0646\u062a\u0627\u0626\u062c \u0641\u062d\u0635 \u0627\u0644\u062b\u063a\u0631\u0627\u062a \u0627\u0644\u0623\u0645\u0646\u064a\u0629 \u0639\u0628\u0631 Trivy \u0637\u0628\u064a\u0639\u064a\u0629\u060c \u0644\u0643\u0646 \u0641\u064a \u0627\u0644\u0648\u0642\u062a \u0646\u0641\u0633\u0647 \u0643\u0627\u0646 \u064a\u062c\u0631\u064a \u0627\u0644\u0628\u062d\u062b \u0639\u0646 \u0628\u064a\u0627\u0646\u0627\u062a \u0642\u064a\u0645\u0629 \u0648\u0627\u0633\u062a\u062e\u0631\u0627\u062c\u0647\u0627. \u0648\u0643\u0627\u0646\u062a \u0627\u0644\u062a\u0639\u0644\u064a\u0645\u0627\u062a \u0627\u0644\u0628\u0631\u0645\u062c\u064a\u0629 \u0627\u0644\u0636\u0627\u0631\u0629 \u062a\u0646\u0641\u0630 \u0645\u0627 \u064a\u0644\u064a:<\/p>\n<ul>\n<li>\u0625\u062c\u0631\u0627\u0621 \u0639\u0645\u0644\u064a\u0627\u062a \u0627\u0644\u0627\u0633\u062a\u0637\u0644\u0627\u0639 (\u062c\u0645\u0639 \u0628\u064a\u0627\u0646\u0627\u062a \u0627\u0644\u0634\u0628\u0643\u0629 \u0648\u0645\u062a\u063a\u064a\u0631\u0627\u062a \u0627\u0644\u0628\u064a\u0626\u0629)\u061b<\/li>\n<li>\u0627\u0644\u0628\u062d\u062b \u0639\u0646 \u0627\u0644\u0631\u0645\u0648\u0632 \u0648\u0628\u064a\u0627\u0646\u0627\u062a \u0627\u0644\u0627\u0639\u062a\u0645\u0627\u062f \u0644\u0644\u0648\u0635\u0648\u0644 \u0625\u0644\u0649 \u0627\u0644\u0628\u064a\u0626\u0627\u062a \u0627\u0644\u0633\u062d\u0627\u0628\u064a\u0629 AWS \u0648GCP\u061b<\/li>\n<li>\u0641\u062d\u0635 \u0627\u0644\u0630\u0627\u0643\u0631\u0629 (<em>\/proc\/*\/mem<\/em>) \u0644\u0627\u0633\u062a\u062e\u0631\u0627\u062c \u0627\u0644\u0623\u0633\u0631\u0627\u0631 \u0627\u0644\u0645\u062e\u0632\u0646\u0629 \u0641\u064a \u0630\u0627\u0643\u0631\u0629 \u0639\u0645\u0644\u064a\u062a\u064a <em>Runner.Worker<\/em> \u0648<em>Runner.Listener<\/em>\u061b<\/li>\n<li>\u0627\u0633\u062a\u062e\u0631\u0627\u062c \u0623\u0633\u0631\u0627\u0631 Kubernetes \u0645\u0646 \u0627\u0644\u0645\u0633\u0627\u0631 
(<em>\/run\/secrets\/kubernetes.io\/serviceaccount<\/em>)\u061b<\/li>\n<li>\u062c\u0645\u0639 \u0627\u0644\u0628\u064a\u0627\u0646\u0627\u062a \u0627\u0644\u062e\u0627\u0635\u0629 \u0628\u0627\u0644\u0627\u062a\u0635\u0627\u0644 \u0628\u062e\u0648\u0627\u062f\u0645 \u0642\u0648\u0627\u0639\u062f \u0627\u0644\u0628\u064a\u0627\u0646\u0627\u062a (MySQL \u0648PostgreSQL \u0648MongoDB \u0648Redis \u0648Vault)\u061b<\/li>\n<li>\u062c\u0645\u0639 \u0623\u064a \u0645\u0641\u0627\u062a\u064a\u062d \u0644\u0648\u0627\u062c\u0647\u0629 \u0628\u0631\u0645\u062c\u0629 \u0627\u0644\u062a\u0637\u0628\u064a\u0642\u0627\u062a \u0623\u0648 \u0623\u0633\u0631\u0627\u0631 \u0628\u0631\u0645\u062c\u064a\u0629 \u0623\u062e\u0631\u0649 \u0645\u0646 \u0645\u0644\u0641\u0627\u062a \u0627\u0644\u0628\u064a\u0626\u0629 \u0648\u0645\u0644\u0641\u0627\u062a \u062a\u0643\u0648\u064a\u0646 \u0627\u0644\u062a\u0643\u0627\u0645\u0644 \u0627\u0644\u0645\u0633\u062a\u0645\u0631 \/ \u0627\u0644\u0646\u0634\u0631 \u0627\u0644\u0645\u0633\u062a\u0645\u0631 (\u0645\u062b\u0644 <em>\u200e.env \u0648\u200e.json \u0648\u200e.yml<\/em>)\u061b<\/li>\n<li>\u0627\u0644\u0628\u062d\u062b \u0639\u0646 \u0631\u0648\u0627\u0628\u0637 \u0627\u0644\u0648\u064a\u0628 \u0627\u0644\u062e\u0627\u0635\u0629 \u0628\u0642\u0646\u0648\u0627\u062a Slack \u0648Discord\u061b<\/li>\n<li>\u0627\u0644\u0628\u062d\u062b \u0639\u0646 \u0627\u0644\u0628\u064a\u0627\u0646\u0627\u062a \u0627\u0644\u0645\u062a\u0639\u0644\u0642\u0629 \u0628\u0645\u062d\u0627\u0641\u0638 \u0627\u0644\u0639\u0645\u0644\u0627\u062a \u0627\u0644\u0645\u0634\u0641\u0631\u0629 (\u0627\u0644\u0645\u062a\u063a\u064a\u0631\u0627\u062a \u0627\u0644\u0645\u0631\u062a\u0628\u0637\u0629 \u0628\u0633\u0644\u0633\u0644\u0629 \u0643\u062a\u0644 Solana\u060c \u0628\u0627\u0644\u0625\u0636\u0627\u0641\u0629 \u0625\u0644\u0649 \u0628\u064a\u0627\u0646\u0627\u062a <em>rpcuser<\/em> \u0648<em>rpcpassword<\/em>).<\/li>\n<\/ul>\n<p>\u062c\u0631\u062a 
\u0639\u0645\u0644\u064a\u0629 \u062a\u0634\u0641\u064a\u0631 \u0627\u0644\u0628\u064a\u0627\u0646\u0627\u062a \u0627\u0644\u0645\u062c\u0645\u0648\u0639\u0629 \u0648\u0631\u0641\u0639\u0647\u0627 \u0625\u0644\u0649 \u062e\u0627\u062f\u0645 \u064a\u062d\u0645\u0644 \u0627\u0633\u0645\u064b\u0627 \u0645\u0634\u0627\u0628\u0647\u064b\u0627 \u0644\u0627\u0633\u0645 \u0645\u0637\u0648\u0631\u064a Trivy \u0648\u0647\u0648 (<em>scan.aquasecurtiy[.]org<\/em>). \u0648\u0643\u0622\u0644\u064a\u0629 \u062f\u0639\u0645 \u0627\u062d\u062a\u064a\u0627\u0637\u064a\u0629\u060c \u0648\u0641\u0631 \u0627\u0644\u0645\u0647\u0627\u062c\u0645\u0648\u0646 \u0637\u0631\u064a\u0642\u0629 \u0644\u0631\u0641\u0639 \u0627\u0644\u0628\u064a\u0627\u0646\u0627\u062a \u0625\u0644\u0649 \u0645\u0633\u062a\u0648\u062f\u0639 \u064a\u062d\u0645\u0644 \u0627\u0644\u0627\u0633\u0645 <em>docs-tpcp<\/em>.<\/p>\n<p>\u0627\u0633\u062a\u062e\u062f\u0645 \u0627\u0644\u0647\u062c\u0648\u0645 \u0639\u0644\u0649 Checkmarx \u0648LiteLLM \u062a\u0643\u062a\u064a\u0643\u064b\u0627 \u0645\u0645\u0627\u062b\u0644\u064b\u0627 \u0639\u0628\u0631 \u0646\u0637\u0627\u0642\u0627\u062a (Domains) \u0623\u062e\u0631\u0649 \u062a\u0639\u062a\u0645\u062f \u0639\u0644\u0649 \u0627\u0644\u062a\u0645\u0648\u064a\u0647 \u0627\u0644\u0625\u0645\u0644\u0627\u0626\u064a (Typosquatting)\u060c \u0648\u0647\u064a: <em>models.litellm[.]cloud<\/em> \u0648<em>checkmarx[.]zone<\/em>.<\/p>\n<p>\u064a\u0645\u0643\u0646\u0643 \u0627\u0644\u0639\u062b\u0648\u0631 \u0639\u0644\u0649 \u062a\u062d\u0644\u064a\u0644 \u062a\u0642\u0646\u064a \u0645\u0641\u0635\u0644 \u0644\u0644\u0628\u0631\u0627\u0645\u062c \u0627\u0644\u0636\u0627\u0631\u0629\u060c \u0625\u0644\u0649 \u062c\u0627\u0646\u0628 \u0645\u0624\u0634\u0631\u0627\u062a \u0627\u0644\u0627\u062e\u062a\u0631\u0627\u0642\u060c \u0641\u064a \u0645\u0642\u0627\u0644 \u062e\u0628\u064a\u0631\u0646\u0627 <a target=\"_blank\" 
href=\"https:\/\/securelist.com\/litellm-supply-chain-attack\/119257\/\" rel=\"noopener\">\u0639\u0644\u0649 \u0645\u062f\u0648\u0646\u0629 Securelist<\/a>.<\/p>\n<h2>\u0625\u0633\u062a\u0631\u0627\u062a\u064a\u062c\u064a\u0627\u062a \u0627\u0644\u0627\u0633\u062a\u062c\u0627\u0628\u0629 \u0648\u0627\u0644\u062f\u0641\u0627\u0639 \u0636\u062f \u0627\u0644\u062b\u063a\u0631\u0629 CVE-2026-33634<\/h2>\n<p>\u0644\u0645 \u062a\u0639\u062f \u0639\u0645\u0644\u064a\u0627\u062a \u0627\u0644\u062a\u062d\u0642\u0642 \u0627\u0644\u0645\u0633\u062a\u0646\u062f\u0629 \u0625\u0644\u0649 \u0627\u0644\u062a\u0648\u0642\u064a\u0639\u0627\u062a \u0627\u0644\u0631\u0642\u0645\u064a\u0629 \u0648\u0641\u062d\u0635 \u0627\u0644\u062a\u0628\u0639\u0627\u062a \u0641\u064a \u0627\u0644\u0645\u0633\u062a\u0648\u062f\u0639\u0627\u062a \u0627\u0644\u0639\u0627\u0645\u0629 \u0643\u0627\u0641\u064a\u0629\u060c \u062d\u064a\u062b \u062d\u064f\u0642\u0646\u062a \u0627\u0644\u062a\u0639\u0644\u064a\u0645\u0627\u062a \u0627\u0644\u0628\u0631\u0645\u062c\u064a\u0629 \u0627\u0644\u0636\u0627\u0631\u0629 \u0645\u0628\u0627\u0634\u0631\u0629 \u0641\u064a \u0625\u062c\u0631\u0627\u0621\u0627\u062a \u0645\u0648\u062b\u0648\u0642\u0629 \u0648\u0645\u0648\u0642\u0639\u0629 \u0631\u0642\u0645\u064a\u064b\u0627\u060c \u0648\u062a\u0645\u0643\u0646\u062a \u0645\u0646 \u0627\u0644\u062a\u0647\u0631\u0628 \u0645\u0646 \u0627\u0644\u0627\u0643\u062a\u0634\u0627\u0641 \u062d\u062a\u0649 \u0637\u064f\u0628\u0642\u062a \u0627\u0644\u0631\u0642\u0627\u0628\u0629 \u0627\u0644\u0633\u0644\u0648\u0643\u064a\u0629. 
\u0648\u0623\u0635\u0628\u062d\u062a \u0645\u0633\u0627\u0631\u0627\u062a \u0627\u0644\u062a\u0643\u0627\u0645\u0644 \u0627\u0644\u0645\u0633\u062a\u0645\u0631\/ \u0627\u0644\u0646\u0634\u0631 \u0627\u0644\u0645\u0633\u062a\u0645\u0631(CI\/CD) \u0647\u064a \u0627\u0644\u0645\u062d\u064a\u0637 \u0627\u0644\u0623\u0645\u0646\u064a \u0627\u0644\u062c\u062f\u064a\u062f.<\/p>\n<p><strong>\u0625\u062c\u0631\u0627\u0621\u0627\u062a \u0641\u0648\u0631\u064a\u0629. <\/strong>\u062a\u0623\u0643\u062f \u0623\u0646 \u062c\u0645\u064a\u0639 \u0645\u0633\u0627\u0631\u0627\u062a \u0627\u0644\u0639\u0645\u0644 \u062a\u0633\u062a\u062e\u062f\u0645 \u0625\u0635\u062f\u0627\u0631\u0627\u062a \u0622\u0645\u0646\u0629 (\u0645\u0644\u0641 Trivy \u0627\u0644\u0642\u0627\u0628\u0644 \u0644\u0644\u062a\u0646\u0641\u064a\u0630 0.69.3\u060c \u0648trivy-action 0.35.0\u060c \u0648setup-trivy 0.2.6).<\/p>\n<p>\u064a\u062c\u0628 \u0639\u0644\u0649 \u0645\u0633\u0624\u0648\u0644\u064a \u0645\u0633\u0627\u0631\u0627\u062a \u0627\u0644\u062a\u0643\u0627\u0645\u0644 \u0627\u0644\u0645\u0633\u062a\u0645\u0631 \/ \u0627\u0644\u0646\u0634\u0631 \u0627\u0644\u0645\u0633\u062a\u0645\u0631 \u0648\u0641\u0631\u0642 \u0627\u0644\u0623\u0645\u0627\u0646 \u0645\u0631\u0627\u062c\u0639\u0629 \u062a\u0628\u0639\u0627\u062a\u0647\u0645 \u0644\u062d\u0644\u0648\u0644 Checkmarx (\u0645\u062b\u0644 kics-github-action \u0648ast-github-action) \u0648Trivy (\u0645\u062b\u0644 setup-trivy \u0648trivy-action) \u0639\u0644\u0649 \u0627\u0644\u0641\u0648\u0631. 
\u0648\u0625\u0630\u0627 \u0643\u0627\u0646\u062a \u0645\u0633\u0627\u0631\u0627\u062a \u0627\u0644\u0639\u0645\u0644 \u062a\u0634\u064a\u0631 \u0625\u0644\u0649 \u0639\u0644\u0627\u0645\u0629 \u0625\u0635\u062f\u0627\u0631 \u0628\u062f\u0644\u064b\u0627 \u0645\u0646 \u062a\u062c\u0632\u0626\u0629 SHA \u0645\u062d\u062f\u062f\u0629\u060c \u0641\u0631\u0627\u062c\u0639 \u0633\u062c\u0644\u0627\u062a \u062a\u0646\u0641\u064a\u0630 \u0645\u0633\u0627\u0631\u0627\u062a \u0627\u0644\u0639\u0645\u0644 \u0628\u0639\u0646\u0627\u064a\u0629 \u0637\u0648\u0627\u0644 \u0641\u062a\u0631\u0629 \u0647\u062c\u0648\u0645 \u0633\u0644\u0627\u0633\u0644 \u0627\u0644\u062a\u0648\u0631\u064a\u062f \u0627\u0644\u0646\u0634\u0637.<\/p>\n<p>\u064a\u062c\u0628 \u0639\u0644\u064a\u0643 \u0623\u064a\u0636\u064b\u0627 \u0641\u062d\u0635 \u0633\u062c\u0644\u0627\u062a \u0627\u0644\u0634\u0628\u0643\u0629 \u0628\u062d\u062b\u064b\u0627 \u0639\u0646 \u0623\u064a \u062d\u0631\u0643\u0629 \u0645\u0631\u0648\u0631 \u0645\u062a\u062c\u0647\u0629 \u0625\u0644\u0649 \u0627\u0644\u0646\u0637\u0627\u0642\u0627\u062a: <em>scan.aquasecurtiy[.]org<\/em> \u0648<em>checkmarx[.]zone<\/em> \u0648<em>models.litellm[.]cloud<\/em>. 
\u0648\u064a\u0634\u064a\u0631 \u0648\u062c\u0648\u062f \u0645\u062b\u0644 \u0647\u0630\u0647 \u0627\u0644\u062d\u0631\u0643\u0629 \u0625\u0644\u0649 \u0623\u0646\u0647 \u062a\u0645 \u062a\u0633\u0631\u064a\u0628 \u0628\u064a\u0627\u0646\u0627\u062a \u062d\u0633\u0627\u0633\u0629 \u0628\u0646\u062c\u0627\u062d.<\/p>\n<p>\u0625\u0630\u0627 \u0638\u0647\u0631 \u0645\u0633\u062a\u0648\u062f\u0639 \u0628\u0627\u0633\u0645 docs-tpcp \u0639\u0644\u0649 \u062d\u0633\u0627\u0628 \u0627\u0644\u0645\u0624\u0633\u0633\u0629 \u0641\u064a GitHub\u060c \u0641\u0642\u062f \u064a\u0634\u064a\u0631 \u0630\u0644\u0643 \u0623\u064a\u0636\u064b\u0627 \u0625\u0644\u0649 \u0648\u0642\u0648\u0639 \u062e\u0631\u0642 \u0646\u0627\u062c\u062d \u0644\u0644\u0628\u064a\u0627\u0646\u0627\u062a.<\/p>\n<p>\u0627\u0641\u062d\u0635 \u0627\u0644\u0623\u062c\u0647\u0632\u0629 \u0627\u0644\u0645\u0636\u064a\u0641\u0629 \u0648\u0627\u0644\u0645\u062c\u0645\u0648\u0639\u0627\u062a \u0628\u062d\u062b\u064b\u0627 \u0639\u0646 \u0639\u0644\u0627\u0645\u0627\u062a \u0627\u0644\u0627\u062e\u062a\u0631\u0627\u0642 \u2013 \u0645\u062b\u0644 \u0648\u062c\u0648\u062f \u0645\u0644\u0641\u0627\u062a ~\/.config\/sysmon\/sysmon.py \u0623\u0648 \u0648\u062d\u062f\u0627\u062a \u0645\u0634\u0628\u0648\u0647\u0629 \u0641\u064a \u0628\u064a\u0626\u0629 Kubernetes.<\/p>\n<p>\u0627\u0645\u0633\u062d \u0630\u0627\u0643\u0631\u0629 \u0627\u0644\u062a\u062e\u0632\u064a\u0646 \u0627\u0644\u0645\u0624\u0642\u062a \u0648\u0642\u0645 \u0628\u0625\u062c\u0631\u0627\u0621 \u062c\u0631\u062f \u0644\u0648\u062d\u062f\u0627\u062a PyPI: \u0627\u0641\u062d\u0635 \u0628\u062d\u062b\u064b\u0627 \u0639\u0646 \u0623\u064a \u0648\u062d\u062f\u0627\u062a \u0636\u0627\u0631\u0629\u060c \u0648\u0639\u062f \u0625\u0644\u0649 \u0625\u0635\u062f\u0627\u0631\u0627\u062a \u0646\u0638\u064a\u0641\u0629.<\/p>\n<p>\u0641\u064a \u062c\u0645\u064a\u0639 \u0627\u0644\u0623\u062d\u0648\u0627\u0644\u060c \u064a\u062c\u0628 \u0625\u062c\u0631\u0627\u0621 
\u0639\u0645\u0644\u064a\u0629 <a href=\"https:\/\/me.kaspersky.com\/enterprise-security\/compromise-assessment?icid=me-ar_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_wpplaceholder_______\" target=\"_blank\" rel=\"noopener\">\u0627\u0644\u062a\u0642\u0635\u064a \u0627\u0644\u0627\u0633\u062a\u0628\u0627\u0642\u064a \u0639\u0646 \u0627\u0644\u062a\u0647\u062f\u064a\u062f\u0627\u062a<\/a>\u060c \u0628\u0627\u0641\u062a\u0631\u0627\u0636 \u0623\u0646 \u0627\u0644\u0623\u0646\u0638\u0645\u0629 \u0642\u062f \u0627\u062e\u062a\u064f\u0631\u0642\u062a \u0628\u0646\u062c\u0627\u062d \u0648\u0623\u0646 \u0627\u0644\u0645\u0647\u0627\u062c\u0645\u064a\u0646 \u0642\u062f \u062a\u063a\u0644\u063a\u0644\u0648\u0627 \u0633\u0631\u064a\u0639\u064b\u0627 \u062f\u0627\u062e\u0644 \u0627\u0644\u0623\u0646\u0638\u0645\u0629 \u0627\u0644\u0645\u062a\u0636\u0631\u0631\u0629.<\/p>\n<p>\u064a\u064f\u0648\u0635\u0649 \u0628\u0627\u0633\u062a\u0639\u0627\u062f\u0629 \u0627\u0644\u0628\u064a\u0626\u0627\u062a \u0627\u0644\u0645\u062a\u0636\u0631\u0631\u0629 \u0645\u0646 \u0646\u0633\u062e \u0627\u062d\u062a\u064a\u0627\u0637\u064a\u0629 \u062c\u0631\u0649 \u0627\u0644\u062a\u062d\u0642\u0642 \u0645\u0646\u0647\u0627.<\/p>\n<p><strong>\u062a\u062b\u0628\u064a\u062a \u0627\u0644\u062a\u0628\u0639\u0627\u062a \u0648\u0625\u062f\u0627\u0631\u0629 \u0643\u0644\u0645\u0627\u062a \u0627\u0644\u0633\u0631. <\/strong>\u062a\u0623\u0643\u062f \u0645\u0646 \u062a\u062b\u0628\u064a\u062a \u0625\u0635\u062f\u0627\u0631\u0627\u062a \u0627\u0644\u062a\u0628\u0639\u0627\u062a \u0628\u062f\u0642\u0629 \u0628\u0627\u0633\u062a\u062e\u062f\u0627\u0645 \u0627\u0644\u0628\u0635\u0645\u0627\u062a \u0627\u0644\u062a\u0634\u0641\u064a\u0631\u064a\u0629 \u0641\u064a \u062c\u0645\u064a\u0639 \u0627\u0644\u0645\u0633\u0627\u0631\u0627\u062a \u0648\u0645\u0644\u0641\u0627\u062a Docker. 
\u0648\u0646\u0646\u0635\u062d \u0628\u0627\u0644\u0627\u0646\u062a\u0642\u0627\u0644 \u0645\u0646 \u0627\u0644\u0631\u0645\u0648\u0632 \u0637\u0648\u064a\u0644\u0629 \u0627\u0644\u0623\u0645\u062f \u0625\u0644\u0649 \u0628\u064a\u0627\u0646\u0627\u062a \u0627\u0639\u062a\u0645\u0627\u062f \u0642\u0635\u064a\u0631\u0629 \u0627\u0644\u0623\u062c\u0644 \u0639\u0628\u0631 \u0627\u0633\u062a\u062e\u062f\u0627\u0645 \u0623\u062f\u0648\u0627\u062a \u0625\u062f\u0627\u0631\u0629 \u0643\u0644\u0645\u0627\u062a \u0627\u0644\u0633\u0631\u060c \u0648\u062a\u0641\u0639\u064a\u0644 \u062a\u0643\u0627\u0645\u0644 OIDC \u062d\u064a\u062b\u0645\u0627 \u0643\u0627\u0646 \u0645\u062f\u0639\u0648\u0645\u064b\u0627. \u0642\u0644\u0644 \u0645\u0646 \u062d\u0642\u0646 \u0643\u0644\u0645\u0627\u062a \u0627\u0644\u0633\u0631 \u0641\u064a \u0628\u064a\u0626\u0629 \u0627\u0644\u062a\u0634\u063a\u064a\u0644 \u0642\u062f\u0631 \u0627\u0644\u0625\u0645\u0643\u0627\u0646 \u2013 \u0648\u0644\u0627 \u062a\u0641\u0639\u0644 \u0630\u0644\u0643 \u0625\u0644\u0627 \u0639\u0646\u062f \u0627\u0644\u0636\u0631\u0648\u0631\u0629 \u0627\u0644\u0642\u0635\u0648\u0649. 
\u0643\u0645\u0627 \u064a\u062c\u0628 \u0627\u0644\u062a\u0623\u0643\u062f \u0645\u0646 \u0639\u062f\u0645 \u062a\u062e\u0632\u064a\u0646 \u0643\u0644\u0645\u0627\u062a \u0627\u0644\u0633\u0631 \u0639\u0644\u0649 \u0627\u0644\u0642\u0631\u0635 \u0627\u0644\u0635\u0644\u0628 \u0623\u0648 \u0641\u064a \u0645\u0644\u0641\u0627\u062a \u0645\u0624\u0642\u062a\u0629\u060c \u0648\u0639\u062f\u0645 \u0625\u0639\u0627\u062f\u0629 \u0627\u0633\u062a\u062e\u062f\u0627\u0645\u0647\u0627 \u0639\u0628\u0631 \u0639\u0645\u0644\u064a\u0627\u062a \u0645\u062e\u062a\u0644\u0641\u0629.<\/p>\n<p>\u0642\u0645 \u0628\u062a\u063a\u064a\u064a\u0631 \u062c\u0645\u064a\u0639 \u0628\u064a\u0627\u0646\u0627\u062a \u0627\u0644\u0627\u0639\u062a\u0645\u0627\u062f \u0627\u0644\u062a\u064a \u064a\u064f\u062d\u062a\u0645\u0644 \u0627\u062e\u062a\u0631\u0627\u0642\u0647\u0627 \u2013 \u0628\u0645\u0627 \u0641\u064a \u0630\u0644\u0643 \u0645\u0641\u0627\u062a\u064a\u062d \u0648\u0627\u062c\u0647\u0629 \u0628\u0631\u0645\u062c\u0629 \u0627\u0644\u062a\u0637\u0628\u064a\u0642\u0627\u062a \u0648\u0645\u062a\u063a\u064a\u0631\u0627\u062a \u0627\u0644\u0628\u064a\u0626\u0629 \u0648\u0645\u0641\u0627\u062a\u064a\u062d SSH\u060c \u0648\u0631\u0645\u0648\u0632 \u062d\u0633\u0627\u0628 \u0627\u0644\u062e\u062f\u0645\u0629 \u0641\u064a Kubernetes\u060c \u0648\u0623\u064a \u0643\u0644\u0645\u0627\u062a \u0633\u0631 \u0623\u062e\u0631\u0649.<\/p>\n<p><strong>\u062a\u062f\u0627\u0628\u064a\u0631 \u0623\u0645\u0627\u0646 \u0623\u062e\u0631\u0649. 
<\/strong>\u0644\u0627 \u062a\u0633\u0645\u062d \u0625\u0644\u0627 \u0628\u0625\u062c\u0631\u0627\u0621\u0627\u062a GitHub \u0627\u0644\u0648\u0627\u0631\u062f\u0629 \u0641\u064a \u0627\u0644\u0642\u0627\u0626\u0645\u0629 \u0627\u0644\u0645\u0639\u062a\u0645\u062f\u0629 \u0645\u0646 \u0642\u0628\u0644 \u0627\u0644\u0645\u0624\u0633\u0633\u0629\u061b \u0648\u0627\u062d\u0638\u0631 \u0627\u0644\u0639\u0645\u0644\u064a\u0627\u062a \u0627\u0644\u062c\u062f\u064a\u062f\u0629 \u0648\u063a\u064a\u0631 \u0627\u0644\u0645\u0648\u062b\u0648\u0642\u0629. \u0648\u0642\u0645 \u0628\u062a\u0643\u0648\u064a\u0646 <em>GITHUB_TOKEN<\/em> \u0648\u0645\u0641\u0627\u062a\u064a\u062d \u0627\u0644\u0648\u0635\u0648\u0644 \u0627\u0644\u0623\u062e\u0631\u0649 \u0648\u0641\u0642\u064b\u0627 \u0644\u0645\u0628\u062f\u0623 \u0627\u0644\u062d\u062f \u0627\u0644\u0623\u062f\u0646\u0649 \u0645\u0646 \u0627\u0644\u0627\u0645\u062a\u064a\u0627\u0632. \u0648\u0644\u0627 \u062a\u0645\u0646\u062d \u0623\u0630\u0648\u0646\u0627\u062a \u0627\u0644\u0643\u062a\u0627\u0628\u0629 \u0625\u0644\u0627 \u0639\u0646\u062f \u0627\u0644\u0636\u0631\u0648\u0631\u0629 \u0627\u0644\u0642\u0635\u0648\u0649.<\/p>\n<p>\u0644\u062a\u0639\u0632\u064a\u0632 \u0623\u0645\u0627\u0646 \u0625\u062c\u0631\u0627\u0621\u0627\u062a GitHub\u060c \u062a\u062a\u0648\u0641\u0631 \u0627\u0644\u0639\u062f\u064a\u062f \u0645\u0646 \u0627\u0644\u0623\u062f\u0648\u0627\u062a \u0645\u0641\u062a\u0648\u062d\u0629 \u0627\u0644\u0645\u0635\u062f\u0631:<\/p>\n<ul>\n<li>zizmor \u2013 \u0623\u062f\u0627\u0629 \u0644\u0644\u062a\u062d\u0644\u064a\u0644 \u0627\u0644\u0633\u0627\u0643\u0646 \u0648\u0627\u0643\u062a\u0634\u0627\u0641 \u0623\u062e\u0637\u0627\u0621 \u0627\u0644\u062a\u0643\u0648\u064a\u0646 \u0641\u064a \u0625\u062c\u0631\u0627\u0621\u0627\u062a GitHub\u061b<\/li>\n<li>gato \u0648Gato-X \u2014 \u0646\u0633\u062e\u062a\u0627\u0646 \u0645\u0646 \u0623\u062f\u0627\u0629 \u062a\u0633\u0627\u0639\u062f \u0641\u064a 
\u062a\u062d\u062f\u064a\u062f \u0645\u0633\u0627\u0631\u0627\u062a \u0627\u0644\u0639\u0645\u0644 \u0627\u0644\u0636\u0639\u064a\u0641\u0629 \u0628\u0646\u064a\u0648\u064a\u064b\u0627\u061b<\/li>\n<li>allstar \u2014 \u062a\u0637\u0628\u064a\u0642 GitHub\u060c \u0637\u0648\u0651\u0631\u062a\u0647 \u0645\u0624\u0633\u0633\u0629 OpenSSF\u060c \u0644\u062a\u0643\u0648\u064a\u0646 \u0648\u0641\u0631\u0636 \u0627\u0644\u0633\u064a\u0627\u0633\u0627\u062a \u0627\u0644\u0623\u0645\u0646\u064a\u0629 \u0641\u064a \u0645\u0624\u0633\u0633\u0627\u062a \u0648\u0645\u0633\u062a\u0648\u062f\u0639\u0627\u062a GitHub\u061b<\/li>\n<\/ul>\n<p>\u0625\u0630\u0627 \u0643\u0646\u062a \u062a\u0631\u063a\u0628 \u0641\u064a \u0645\u0639\u0631\u0641\u0629 \u0627\u0644\u0645\u0632\u064a\u062f \u0639\u0646 \u0647\u062c\u0645\u0627\u062a \u0633\u0644\u0627\u0633\u0644 \u0627\u0644\u062a\u0648\u0631\u064a\u062f\u060c \u0641\u0646\u062d\u0646 \u0646\u062f\u0639\u0648\u0643 \u0644\u0644\u0627\u0637\u0644\u0627\u0639 \u0639\u0644\u0649 \u062a\u0642\u0631\u064a\u0631\u0646\u0627 \u0627\u0644\u062a\u062d\u0644\u064a\u0644\u064a \u0628\u0639\u0646\u0648\u0627\u0646: <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/kas.pr\/k8rs\">\u062a\u0641\u0627\u0639\u0644\u0627\u062a \u0633\u0644\u0627\u0633\u0644 \u0627\u0644\u062a\u0648\u0631\u064a\u062f: \u062a\u0623\u0645\u064a\u0646 \u0627\u0644\u0646\u0638\u0627\u0645 \u0627\u0644\u0628\u064a\u0626\u064a \u0627\u0644\u0631\u0642\u0645\u064a \u0627\u0644\u0639\u0627\u0644\u0645\u064a \u0641\u064a \u0639\u0635\u0631 \u0627\u0644\u062a\u0631\u0627\u0628\u0637<\/a>. 
\u0648\u064a\u0633\u062a\u0646\u062f \u0647\u0630\u0627 \u0627\u0644\u062a\u0642\u0631\u064a\u0631 \u0625\u0644\u0649 \u0631\u0624\u0649 \u0627\u0633\u062a\u062e\u0644\u0635\u0647\u0627 \u062e\u0628\u0631\u0627\u0621 \u062a\u0642\u0646\u064a\u0648\u0646\u060c \u0648\u064a\u0643\u0634\u0641 \u0639\u0646 \u0645\u062f\u0649 \u062a\u0643\u0631\u0627\u0631 \u0645\u0648\u0627\u062c\u0647\u0629 \u0627\u0644\u0645\u0624\u0633\u0633\u0627\u062a \u0644\u0645\u062e\u0627\u0637\u0631 \u0633\u0644\u0627\u0633\u0644 \u0627\u0644\u062a\u0648\u0631\u064a\u062f \u0648\u0627\u0644\u0639\u0644\u0627\u0642\u0627\u062a \u0627\u0644\u0645\u0648\u062b\u0648\u0642\u0629\u060c \u0648\u0623\u0645\u0627\u0643\u0646 \u0648\u062c\u0648\u062f \u0641\u062c\u0648\u0627\u062a \u0627\u0644\u062d\u0645\u0627\u064a\u0629\u060c \u0648\u0627\u0644\u0625\u0633\u062a\u0631\u0627\u062a\u064a\u062c\u064a\u0627\u062a \u0627\u0644\u062a\u064a \u064a\u062c\u0628 \u0627\u062a\u0628\u0627\u0639\u0647\u0627 \u0644\u062a\u0639\u0632\u064a\u0632 \u0627\u0644\u0645\u0631\u0648\u0646\u0629 \u0636\u062f \u0647\u0630\u0627 \u0627\u0644\u0646\u0648\u0639 \u0645\u0646 \u0627\u0644\u062a\u0647\u062f\u064a\u062f\u0627\u062a.<\/p>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"mdr\"><input type=\"hidden\" class=\"placeholder_for_banner\" data-cat_id=\"mdr\" value=\"11530\">\n","protected":false},"excerpt":{"rendered":"<p>\u0643\u064a\u0641 \u062a\u062d\u0648\u0644\u062a \u062d\u0644\u0648\u0644 \u0623\u0645\u0627\u0646 \u0627\u0644\u0645\u0635\u0627\u062f\u0631 \u0627\u0644\u0645\u0641\u062a\u0648\u062d\u0629 \u0625\u0644\u0649 \u0646\u0642\u0637\u0629 \u0627\u0646\u0637\u0644\u0627\u0642 \u0644\u0647\u062c\u0648\u0645 \u0648\u0627\u0633\u0639 \u0627\u0633\u062a\u0647\u062f\u0641 \u062a\u0637\u0628\u064a\u0642\u0627\u062a \u0634\u0647\u064a\u0631\u0629 \u0623\u062e\u0631\u0649\u060c \u0648\u0645\u0627 \u0627\u0644\u0625\u062c\u0631\u0627\u0621\u0627\u062a \u0627\u0644\u062a\u064a \u064a\u062c\u0628 
\u0639\u0644\u0649 \u0627\u0644\u0645\u0624\u0633\u0633\u0627\u062a \u0627\u0644\u0645\u0633\u062a\u062e\u062f\u0645\u0629 \u0644\u0647\u0627 \u0627\u062a\u062e\u0627\u0630\u0647\u0627\u061f<\/p>\n","protected":false},"author":2706,"featured_media":13299,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[748],"tags":[2191,484,991,1210,1723,2338],"class_list":{"0":"post-13296","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-threats","8":"tag-2191","9":"tag-484","10":"tag-991","11":"tag-1210","12":"tag-1723","13":"tag-2338"},"hreflang":[{"hreflang":"ar","url":"https:\/\/me.kaspersky.com\/blog\/critical-supply-chain-attack-trivy-litellm-checkmarx-teampcp\/13296\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/critical-supply-chain-attack-trivy-litellm-checkmarx-teampcp\/30309\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/critical-supply-chain-attack-trivy-litellm-checkmarx-teampcp\/25363\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/critical-supply-chain-attack-trivy-litellm-checkmarx-teampcp\/30159\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/critical-supply-chain-attack-trivy-litellm-checkmarx-teampcp\/29085\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/critical-supply-chain-attack-trivy-litellm-checkmarx-teampcp\/31966\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/critical-supply-chain-attack-trivy-litellm-checkmarx-teampcp\/41587\/"},{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/critical-supply-chain-attack-trivy-litellm-checkmarx-teampcp\/14420\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/critical-supply-chain-attack-trivy-litellm-checkmarx-teampcp\/55510\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/critical-supply-chain-attack
-trivy-litellm-checkmarx-teampcp\/23768\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/critical-supply-chain-attack-trivy-litellm-checkmarx-teampcp\/24855\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/critical-supply-chain-attack-trivy-litellm-checkmarx-teampcp\/33335\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/critical-supply-chain-attack-trivy-litellm-checkmarx-teampcp\/30454\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/critical-supply-chain-attack-trivy-litellm-checkmarx-teampcp\/36042\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/critical-supply-chain-attack-trivy-litellm-checkmarx-teampcp\/35701\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/me.kaspersky.com\/blog\/tag\/%d8%b3%d9%84%d8%b3%d9%84%d8%a9-%d8%a7%d9%84%d8%aa%d9%88%d8%b1%d9%8a%d8%af\/","name":"\u0633\u0644\u0633\u0644\u0629 \u0627\u0644\u062a\u0648\u0631\u064a\u062f"},"_links":{"self":[{"href":"https:\/\/me.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/13296","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/me.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/me.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/me.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/2706"}],"replies":[{"embeddable":true,"href":"https:\/\/me.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=13296"}],"version-history":[{"count":2,"href":"https:\/\/me.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/13296\/revisions"}],"predecessor-version":[{"id":13305,"href":"https:\/\/me.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/13296\/revisions\/13305"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/me.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/13299"}],"wp:attachment":[{"href":"https:\/\/me.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=13296"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/me.kaspersky
.com\/blog\/wp-json\/wp\/v2\/categories?post=13296"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/me.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=13296"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}