LiteLLM Python package compromised by supply-chain attack