With the recent LiteLLM supply chain compromise making headlines, we wanted to take a deep dive into how an advanced attacker can go far beyond a basic dependency confusion attack against modern technology companies — and what defenders should be looking for.