AI Intel: OpenAI Kills Sora, LiteLLM Backdoored in Supply Chain Attack, Disney Walks Away
OpenAI just killed Sora. Six months after launching the standalone video generation app to massive hype, the company posted "We're saying goodbye to Sora" on X — no explanation, no warning. Hours later, Disney confirmed it's walking away from a $1 billion investment in OpenAI that was tied to the Sora partnership. Meanwhile, a supply chain attack hit LiteLLM on PyPI, turning one of the most popular AI Python libraries into a credential-stealing backdoor. It's been a day.
OpenAI Shuts Down Sora — And Takes a $1B Disney Deal With It
The Sora team's statement was brief and offered zero reasoning: "We'll share more soon, including timelines for the app and API and details on preserving your work." OpenAI didn't respond to press requests for additional information. That's unusual for a product shutdown of this scale.
The timing makes this worse. Just three months ago, Disney signed a three-year licensing deal that would have let Sora generate videos using over 200 characters from Disney, Marvel, Pixar, and Star Wars. The plan was for Sora and ChatGPT Images to produce "fan-inspired" videos with Disney's licensed characters, with Disney+ adding curated Sora-generated content. Disney was also set to take a $1 billion stake in OpenAI as part of the arrangement.
That's all dead now. Disney's statement was diplomatic but clear: "We respect OpenAI's decision to exit the video generation business and to shift its priorities elsewhere." Translation: we didn't choose this.
Why it matters: Sora was supposed to be OpenAI's proof that it could own creative tools, not just chat interfaces. The Disney deal was the biggest IP licensing agreement in generative AI history. Killing both signals that OpenAI is consolidating — cutting products that burn cash without clear paths to revenue. Bloomberg reported the move is about "simplifying its portfolio," which is corporate-speak for "we can't afford to do everything."
For developers who built on the Sora API, this is a reminder about platform risk. Video generation endpoints that existed yesterday may not exist next month. If you're integrating AI generation into products, having fallback providers isn't optional — it's architecture. The same logic applies to text and image APIs. Services like KissAPI that route across multiple providers exist precisely because no single provider is guaranteed to keep every endpoint running forever.
LiteLLM Backdoored: TeamPCP Turns a 40K-Star Library Into a Credential Stealer
On March 24, a compromised version of LiteLLM (v1.82.8) was pushed to PyPI containing a malicious .pth file called litellm_init.pth. The file executes automatically on every Python process startup. You don't need to import the library. Just having it installed is enough for the payload to run. Version 1.82.7 was also compromised, though that one requires an import to activate.
The attack was discovered by accident. FutureSearch noticed it when an MCP plugin running inside Cursor pulled LiteLLM as a transitive dependency, and the machine ran out of RAM from an exponential fork bomb baked into the malicious code. Without that crash, the credential stealer might have gone undetected for much longer.
The threat actor — TeamPCP — left a calling card in a commit to a maintainer's forked repo: "teampcp owns BerriAI." This is the same group that compromised Aqua Security's Trivy vulnerability scanner on March 19 and Checkmarx's KICS GitHub Action on March 23. The attack vector: compromise a maintainer's credentials via a poisoned Trivy GitHub Action in LiteLLM's CI/CD pipeline, then push malicious versions to PyPI.
The compromised versions have been yanked and PyPI quarantine has been lifted, but the damage window was real. Anyone who ran pip install litellm or had it as a dependency during that window got hit.
Why it matters: LiteLLM has 40,000+ GitHub stars and sits in the dependency tree of countless AI tools. This isn't a typosquatting attack on an obscure package — it's a direct compromise of a mainstream library through its CI/CD pipeline. The attack chain (compromise security tool → use it to compromise downstream packages) is getting more sophisticated.
What to do right now: Check if you have LiteLLM 1.82.7 or 1.82.8 installed anywhere. If so, assume credentials on that machine are compromised. Rotate API keys, tokens, and passwords. Pin your dependencies. And if you're running AI tooling in CI/CD, audit which GitHub Actions you're using — the Trivy action compromise that enabled this attack is a separate but related problem.
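The check described above, as an added example (this is not LiteLLM's, BerriAI's or any vendor's code). The two version numbers and the litellm_init.pth filename come from the briefing; the rest is an assumed way to structure the audit. The mechanism it looks for is a documented CPython behaviour: at interpreter startup the site module reads every .pth file in site-packages and executes any line that begins with "import ", which is why a malicious .pth runs without the library ever being imported. Legitimate .pth files are normally bare directory paths, so any import line is worth a manual look even when the filename is not the known-bad one.

```python
"""Audit an interpreter for the pulled LiteLLM releases and for .pth startup hooks.

Added example, not code from the briefing or from LiteLLM. Run it once per
interpreter/virtualenv on the machine; each venv has its own site-packages.
"""
import site
from importlib import metadata
from pathlib import Path
from typing import Iterable, Iterator, List, Optional, Tuple

COMPROMISED_VERSIONS = {"1.82.7", "1.82.8"}  # versions named in the briefing
MALICIOUS_PTH_NAME = "litellm_init.pth"       # hook filename named in the briefing


def is_compromised_version(version: str) -> bool:
    """True if an installed litellm version is one of the two pulled releases."""
    return version.strip() in COMPROMISED_VERSIONS


def pth_findings(name: str, text: str) -> List[str]:
    """Classify one .pth file by filename and content.

    CPython's site.addpackage() executes any .pth line that starts with
    'import ' (or 'import<tab>') at interpreter startup, so such lines are
    flagged for review.  The known-bad filename is flagged unconditionally.
    """
    findings = []
    if name == MALICIOUS_PTH_NAME:
        findings.append("known-bad filename")
    for lineno, line in enumerate(text.splitlines(), 1):
        if line.startswith(("import ", "import\t")):
            findings.append(f"executes code at startup (line {lineno})")
    return findings


def scan_site_dirs(site_dirs: Iterable[str]) -> Iterator[Tuple[Path, List[str]]]:
    """Yield (path, findings) for every .pth file with at least one finding."""
    for d in site_dirs:
        directory = Path(d)
        if not directory.is_dir():
            continue
        for pth in sorted(directory.glob("*.pth")):
            try:
                text = pth.read_text(errors="replace")
            except OSError:
                continue  # unreadable file: skip rather than abort the audit
            found = pth_findings(pth.name, text)
            if found:
                yield pth, found


def installed_litellm_version() -> Optional[str]:
    """Version of litellm visible to this interpreter, or None if absent."""
    try:
        return metadata.version("litellm")
    except metadata.PackageNotFoundError:
        return None


def main() -> None:
    dirs = list(site.getsitepackages()) + [site.getusersitepackages()]
    version = installed_litellm_version()
    if version is None:
        print("litellm: not installed in this interpreter")
    else:
        verdict = "COMPROMISED, rotate credentials" if is_compromised_version(version) \
            else "not one of the pulled releases"
        print(f"litellm {version}: {verdict}")
    for path, found in scan_site_dirs(dirs):
        print(f"{path}: {'; '.join(found)}")


if __name__ == "__main__":
    main()
```

Some legitimate packages (setuptools, editable installs, namespace-package shims) do ship .pth files with import lines, so treat the "executes code at startup" finding as a review queue, not a verdict; the filename match and the version match are the hard signals.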
LM Studio Under Scrutiny: Malware Concerns Surface on Reddit
Reddit's AI communities flagged suspicious behavior from LM Studio this week, with users reporting unexpected network activity and resource usage patterns that don't match what a local LLM runner should be doing. The reports are unconfirmed and LM Studio hasn't issued a formal response yet, but the timing — right alongside the LiteLLM compromise — has the community on edge.
LM Studio is one of the most popular desktop apps for running local models. It's closed-source, which means users can't audit what it's actually doing. The concerns center on telemetry and data collection that goes beyond what users expected when they downloaded a tool specifically to run models locally and privately.
Why it matters: The local AI movement is built on a promise of privacy and control. If tools marketed for local inference are phoning home or behaving unexpectedly, that undermines the entire value proposition. This story is still developing — it could turn out to be benign telemetry or a false alarm. But it's worth watching, especially if you're running LM Studio in environments with sensitive data.
For developers who want local inference without trust issues, open-source alternatives like Ollama and llama.cpp remain the gold standard. You can read the code, build from source, and verify exactly what's running on your machine.
The Subsidized API Era Is Cracking
Between Sora's shutdown, OpenAI's $17 billion annual burn rate, and this week's Reddit discussions about API pricing changes, a pattern is forming. The era of artificially cheap AI APIs — subsidized by venture capital and IPO ambitions — is showing real cracks.
OpenAI cutting Sora isn't just a product decision. It's a cost decision. Video generation is compute-intensive and wasn't generating enough revenue to justify the infrastructure. The same math applies to text APIs: current pricing for frontier models doesn't reflect actual compute costs. It reflects what companies are willing to lose to capture market share.
Reddit's r/LocalLLaMA and r/MachineLearning have been tracking price increases across providers. The consensus: expect 15-30% increases on frontier model APIs over the next 6 months as companies move toward sustainable pricing. The race to the bottom on API pricing is becoming a race to break even.
For developers, this means cost optimization isn't a nice-to-have anymore. Smart model routing — using cheaper models for simple tasks and reserving frontier models for complex ones — is becoming table stakes. If you're locked into a single provider at today's prices, you're exposed to whatever they decide to charge tomorrow.
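The fallback-provider point from the Sora section and the tiered-routing point above, as one added example (not code from the briefing, from KissAPI, or from any provider SDK). Provider names, per-token costs, the complexity heuristic and the fake endpoints are all constructed for illustration; in practice the `call` field would wrap a real client. The router picks a tier by task, tries providers cheapest-first, falls through to the next one on failure, and stops trying a provider after repeated failures so a retired endpoint does not slow every request.

```python
"""Tiered model routing with provider fallback.  Added example; all providers
and prices below are constructed placeholders, not real offerings."""
from dataclasses import dataclass
from typing import Callable, List, Tuple


@dataclass
class Provider:
    name: str
    tier: str                     # "cheap" or "frontier"
    cost_per_1k_tokens: float     # constructed figure, used only for ordering
    call: Callable[[str], str]    # prompt -> completion; wraps a real client in practice
    failures: int = 0             # consecutive failures, reset on success


class AllProvidersFailed(RuntimeError):
    """Raised when no eligible provider produced a completion."""


def classify(prompt: str) -> str:
    """Placeholder complexity heuristic (an assumption, replace with your own):
    long prompts or ones asking for reasoning/code work go to the frontier tier."""
    keywords = ("prove", "refactor", "debug", "analyze", "multi-step")
    if len(prompt) > 400 or any(k in prompt.lower() for k in keywords):
        return "frontier"
    return "cheap"


class Router:
    def __init__(self, providers: List[Provider], max_failures: int = 3):
        self.providers = providers
        self.max_failures = max_failures
        self.log: List[Tuple[str, str]] = []   # (provider, outcome) for audit

    def candidates(self, tier: str) -> List[Provider]:
        """Eligible providers, cheapest first.  A cheap request may escalate to
        the frontier tier when every cheap provider is out; a frontier request
        never silently downgrades to a cheaper model."""
        tiers = ["cheap", "frontier"] if tier == "cheap" else ["frontier"]
        pool = [p for p in self.providers
                if p.tier in tiers and p.failures < self.max_failures]
        return sorted(pool, key=lambda p: (tiers.index(p.tier), p.cost_per_1k_tokens))

    def complete(self, prompt: str) -> Tuple[str, str]:
        """Return (provider name, completion), falling through on failure."""
        tier = classify(prompt)
        for p in self.candidates(tier):
            try:
                out = p.call(prompt)
            except Exception as exc:   # any transport/API error counts as a failure
                p.failures += 1
                self.log.append((p.name, f"failed: {exc}"))
                continue
            p.failures = 0
            self.log.append((p.name, "ok"))
            return p.name, out
        raise AllProvidersFailed(f"no provider available for tier {tier}")


def build_demo_router() -> Router:
    """Constructed providers: one cheap endpoint that is down (think: retired
    overnight), one cheap endpoint that works, one frontier endpoint that works."""
    def down(prompt: str) -> str:
        raise ConnectionError("endpoint retired")

    def cheap_ok(prompt: str) -> str:
        return f"[cheap] {prompt[:20]}"

    def frontier_ok(prompt: str) -> str:
        return f"[frontier] {prompt[:20]}"

    return Router([
        Provider("provider-a-cheap", "cheap", 0.10, down),
        Provider("provider-b-cheap", "cheap", 0.15, cheap_ok),
        Provider("provider-c-frontier", "frontier", 2.00, frontier_ok),
    ])


if __name__ == "__main__":
    router = build_demo_router()
    for prompt in ("Summarize this paragraph", "Please debug this function", "hello"):
        name, text = router.complete(prompt)
        print(f"{prompt!r} -> {name}: {text}")
    for entry in router.log:
        print("log:", entry)
```

The audit log is the part worth keeping in production: when a provider changes pricing or retires an endpoint, it tells you exactly which requests moved where and what the fallback cost you.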
⚡ Quick Hits
- Sber's GigaChat goes open source. Russia's largest bank released GigaChat models under an open license. Performance benchmarks are limited and independent evaluation is sparse, but it's notable as the first major Russian-origin open model release. Worth watching for multilingual capabilities.
- Anthropic published a new research blog post on model interpretability and safety evaluation methods. The post details internal testing frameworks for measuring when models refuse harmful requests versus when they're genuinely unable to complete them — a distinction that matters for alignment research.
- Cursor caught using Kimi models. Users discovered that Cursor IDE was routing some requests through Moonshot AI's Kimi models without disclosure. The backlash on Reddit was immediate. Transparency about which models are actually serving your requests remains a sore point in the AI tooling space.
The Bottom Line
Two themes dominate today's briefing. First: platform risk is real and getting realer. OpenAI killed a flagship product overnight, and a mainstream Python library became malware through no fault of its users. If your AI stack has single points of failure — one provider, one library, one tool — today is a good day to fix that.
Second: the money is getting tighter. Sora died because it cost too much relative to what it earned. API prices are creeping up. The companies that survive the next phase of AI won't be the ones with the cheapest models — they'll be the ones with sustainable unit economics. For developers, that means building with cost awareness from day one, not as an afterthought.