The LLM Proxy Landscape in 2026: Acquisitions, Attacks, and Alternatives

This article discusses the recent changes in the LLM proxy space, including the acquisition of Helicone by Mintlify and the supply chain attack on LiteLLM. It then provides an overview of the current landscape of LLM proxy solutions, including Portkey, Langfuse, OpenRouter, and TensorZero, and how they compare to the author's own solution, Stockyard.

Details

The article discusses two significant events that occurred in the LLM proxy space in Q1 2026. First, Helicone, a popular LLM observability and proxy tool, was acquired by Mintlify and is now in maintenance mode, meaning no new feature development and an uncertain timeline for bug fixes. This poses a risk for users who have Helicone deployed in production. Second, a supply chain attack targeted the LiteLLM Python package, with malicious packages impersonating the legitimate LiteLLM package on PyPI. This highlights the risks of relying on pip-installed dependencies in production environments. The article then provides an overview of the current landscape of LLM proxy solutions, including Portkey, Langfuse, OpenRouter, and TensorZero, discussing their features, tradeoffs, and suitability for different use cases. Finally, the author's own solution, Stockyard, is highlighted as a self-hosted LLM proxy that ships as a single Go binary with embedded SQLite, offering a different attack surface compared to pip-installed dependencies.