Mercor Hit by LiteLLM Supply Chain Attack
The AI recruiting firm is investigating the incident as Lapsus$ claimed the theft of 4TB of Mercor data. The post Mercor Hit by LiteLLM Supply Chain Attack appeared first on SecurityWeek.
AI recruiting firm Mercor has disclosed impact from the recent LiteLLM supply chain attack, after extortionists claimed the theft of 4 terabytes of data.
The LiteLLM incident occurred on March 27 and was the result of the Trivy supply chain attack that was mounted a week before.
“We believe that the compromise originated from the Trivy dependency used in our CI/CD security scanning workflow,” LiteLLM notes in its description of the incident.
Source: https://www.securityweek.com/mercor-hit-by-litellm-supply-chain-attack/
Related breach coverage
- Bitwarden NPM Package Hit in Supply Chain Attack2026-04-24
Tied to a fresh Checkmarx supply chain attack claimed by TeamPCP, the incident references the Shai-Hulud worm. The post Bitwarden NPM Package Hit in Supply Chain Attack appeared first on SecurityWeek.
- AI Speeds Attacks, But Identity Remains Cybersecurity’s Weakest Link2026-03-25
PwC finds AI is amplifying speed and scale of attacks, as identity theft evolves into a cybercriminal supply chain. The post AI Speeds Attacks, But Identity Remains Cybersecurity’s Weakest Link appeared first on SecurityWeek.
- Polyfill Supply Chain Attack Impacting 100k Sites Linked to North Korea2026-03-12
The 2024 incident was initially linked to China, but an infostealer infection has now revealed North Korean involvement. The post Polyfill Supply Chain Attack Impacting 100k Sites Linked to North Korea appeared first on SecurityWeek.
- Hackers Leak 5.1 Million Panera Bread Records2026-02-03
ShinyHunters has claimed the theft of 14 million records from the US bakery-cafe chain’s systems. The post Hackers Leak 5.1 Million Panera Bread Records appeared first on SecurityWeek.