LiteLLM, the maker of a popular AI gateway used by millions of developers, has publicly announced that it will abandon compliance startup Delve and re-perform security certifications using other companies and auditors. The announcement comes after the open-source version of LiteLLM fell victim to a nasty credential-stealing malware last week.
Before the incident, LiteLLM hired AI compliance startup Delve to obtain two security compliance certifications. These certifications are intended to ensure that companies have procedures in place to minimize potential accidents.
Delve was accused of misleading customers about actual compliance by generating fake data and using auditors to stamp reports. Delve’s founders denied the claims and offered free retests and audits to all customers. This denial prompted an anonymous Delve whistleblower to double down on his actions, including making the receipts public over the weekend.
On Monday, LiteLLM CTO Ishaan Jaffer posted to After such a grueling week, LiteLLM is putting its feet up and voting.
