LiteLLM drops Delve after malware incident

LiteLLM drops Delve after security incident, AI gateway says it will redo certifications with Vanta and a separate auditor, compliance badges look brittle when logs can be fabricated

LiteLLM said it is abandoning compliance startup Delve and will redo its security certifications with a different vendor after an attack that targeted the company’s open-source distribution. The AI “gateway” — software that sits between applications and multiple model providers — said it will move to Delve rival Vanta and separately select an independent third‑party auditor, according to TechCrunch.

The change follows a week in which LiteLLM’s open-source version was hit by credential-stealing malware. The incident landed uncomfortably next to the company’s recent compliance claims: LiteLLM had obtained two security certifications through Delve, which markets “AI compliance” services meant to show that controls and processes are in place to reduce the odds of breaches.

Delve’s business model has been under public scrutiny. TechCrunch reports that Delve has been accused of misleading customers by allegedly generating fake data and using auditors that rubber-stamped reports. Delve’s founder has denied the allegations and offered free re-tests and audits to customers; an anonymous whistleblower then released further purported evidence over the weekend.

LiteLLM’s response is notable because it treats the certification itself as a dependency that can fail. Compliance products typically sell the idea that a buyer can outsource a chunk of security diligence — policies, evidence collection, audit preparation — and receive a portable badge such as SOC 2 or ISO-aligned attestations. But the value of those badges depends on who is collecting the evidence, how it is validated, and whether the auditor is actually independent of the platform feeding it.

In software supply chains, the mismatch is familiar: the party that suffers the breach is often not the party that signed off the paperwork. A compliance vendor can be incentivised to optimise for speed and pass rates; an auditor paid by the client can be incentivised to keep the client. Meanwhile, the downstream cost of weak controls is absorbed by developers whose credentials are stolen, customers whose data is exposed, and incident-response teams cleaning up after the fact.

LiteLLM’s plan — switching to Vanta and choosing its own auditor — is an attempt to separate tooling from judgement. Vanta and similar platforms can automate evidence gathering, but an audit still rests on whether the evidence is real, complete, and tied to technical controls that would have changed the outcome of an attack.

For companies buying “compliance-as-a-service,” the episode is a practical warning: a certificate can confirm that procedures exist on paper, but it cannot guarantee that software releases are clean, secrets are protected, or third‑party access is constrained. Those assurances require technical verification and continuous testing — work that rarely fits into a quarterly checklist.

LiteLLM’s next audit will produce new documentation. The more revealing test will be whether the company’s users see tighter release controls, better credential hygiene, and clearer accountability the next time the supply chain is targeted.