Glad to hear! Thanks for giving some info.

Still could be some half baked github response. Not saying it’s actually the case, but a possibility.

Hoping you can get a timely response and your account back!

I do not know for sure, but the repo did contain the dependency litellm with version specifier >=1.65.0 (if I recall correctly) and an early march build did use the version 1.81.0 per the uv.lock (version before the compromised litellm==1.82.7 and litellm==1.82.8 )

https://docs.litellm.ai/blog/security-update-march-2026

Not saying that the Dev was compromised, but it is possible, and it could be some Github precaution to disable repos with that dependency where a pip install at the wrong time could have compromised all the Devs credentials.

VLLM litellm supply chain attack.

Creator possibly was compromised and likely a security measure.

Affected versions were not pushed IMO, but the owners machine may have been compromised.