Your LLM API Router Might Be Stealing Your Keys: Inside the 428-Router Security Study

Researchers tested 428 third-party LLM API routers and found 9 injecting malicious code, 17 abusing AWS credentials, and one that drained an Ethereum wallet of ~$500k. Here is why the middleman layer is the AI supply chain's quietest disaster — and what to do about it.