Mercor Says It Was Hit By Cyberattack Tied to Compromise of Open-Source LiteLLM Project

Mercor confirms a cyberattack tied to the LiteLLM supply chain breach. Here is what happened, who is behind it, and why it matters for AI startups.
Matilda
Mercor Cyberattack Exposes a Dangerous Blind Spot in the AI Industry

AI recruiting startup Mercor has confirmed it was hit by a cyberattack linked to a supply chain compromise of the open source project LiteLLM. The incident, which also drew claims from the extortion group Lapsus$, is raising urgent questions about how deeply AI companies depend on shared open source infrastructure and what happens when that infrastructure is poisoned from the inside. If your company uses any AI tooling built on widely adopted open source libraries, this story is one you cannot afford to ignore.

How the Mercor Security Incident Unfolded

The attack on Mercor did not begin at Mercor. It started with LiteLLM, a widely used open source library that helps developers connect to large language models. Malicious code was discovered embedded inside a package connected to the project. Although the harmful code was identified and removed within hours of discovery, the window it created was enough. Mercor confirmed to journal…
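The "window" described above is the gap between a poisoned package being published and being pulled, during which any build that resolves the dependency fresh picks it up. The standard defence is to pin every dependency to a known-good artifact hash (what `pip install --require-hashes` enforces against a lockfile produced by `pip-compile --generate-hashes`), so a swapped artifact fails the build instead of installing. The script below is an added example, not code from Mercor, LiteLLM or any tool named on this page: it parses a lockfile in pip's `--hash=sha256:` format and checks downloaded artifacts against it. The package names, lockfile contents and artifact bytes are constructed for the demonstration.

```python
"""Verify downloaded Python package artifacts against sha256 pins in a
requirements lockfile (pip's ``--hash=sha256:<hex>`` format).

Added example, not Mercor's or the LiteLLM project's code. All package
names, lockfile lines and artifact bytes below are constructed.
"""
import hashlib
import re
from typing import Dict, Iterator, Set

# One logical lockfile line:  name==version [--hash=sha256:<64 hex>]...
_REQ_LINE = re.compile(
    r"^(?P<name>[A-Za-z0-9_.\-]+)==(?P<version>\S+)"
    r"(?P<hashes>(?:\s+--hash=sha256:[0-9a-f]{64})*)\s*$"
)


def _logical_lines(text: str) -> Iterator[str]:
    """Join pip-style backslash continuation lines into single lines."""
    buf = ""
    for raw in text.splitlines():
        stripped = raw.rstrip()
        if stripped.endswith("\\"):
            buf += stripped[:-1] + " "
            continue
        yield buf + stripped
        buf = ""
    if buf:
        yield buf


def parse_lockfile(text: str) -> Dict[str, Set[str]]:
    """Return {package_name: {allowed sha256 hex digests}}.

    A pinned package with no --hash entries gets an empty set; the verifier
    reports it as 'unpinned' rather than silently accepting any artifact.
    """
    pins: Dict[str, Set[str]] = {}
    for logical in _logical_lines(text):
        line = logical.split("#", 1)[0].strip()  # drop comments
        if not line:
            continue
        m = _REQ_LINE.match(line)
        if not m:
            raise ValueError(f"unparseable lockfile line: {logical!r}")
        digests = set(re.findall(r"sha256:([0-9a-f]{64})", m.group("hashes")))
        pins[m.group("name").lower()] = digests
    return pins


def verify_artifacts(lockfile_text: str,
                     artifacts: Dict[str, bytes]) -> Dict[str, str]:
    """Check each downloaded artifact (package name -> raw bytes) against the
    lockfile. Result per package: 'ok', 'mismatch', 'unpinned' or
    'not-in-lockfile'. Anything other than 'ok' should fail the build."""
    pins = parse_lockfile(lockfile_text)
    results: Dict[str, str] = {}
    for name, blob in artifacts.items():
        allowed = pins.get(name.lower())
        if allowed is None:
            results[name] = "not-in-lockfile"
        elif not allowed:
            results[name] = "unpinned"
        elif hashlib.sha256(blob).hexdigest() in allowed:
            results[name] = "ok"
        else:
            results[name] = "mismatch"
    return results


def demo() -> Dict[str, str]:
    """Constructed scenario: one artifact was swapped after the lockfile was
    generated, one package was pinned by version only, one was never pinned."""
    trusted_wheel = b"trusted wheel contents (constructed)"
    tampered_wheel = trusted_wheel + b" + injected payload (constructed)"
    good_hash = hashlib.sha256(trusted_wheel).hexdigest()
    lockfile = (
        "# constructed lockfile, as pip-compile --generate-hashes would emit\n"
        f"litellm==1.0.0 \\\n    --hash=sha256:{good_hash}\n"
        f"pydantic==2.0.0 --hash=sha256:{good_hash}\n"
        "requests==2.0.0\n"
    )
    return verify_artifacts(lockfile, {
        "litellm": tampered_wheel,   # swapped artifact -> mismatch
        "pydantic": trusted_wheel,   # matches pin -> ok
        "requests": b"anything",     # version pin, no hash -> unpinned
        "leftpad": b"never pinned",  # absent from lockfile -> not-in-lockfile
    })


if __name__ == "__main__":
    for pkg, status in demo().items():
        print(f"{pkg:10s} {status}")
```

The point of the check is that the hash is computed from the bytes that were actually downloaded, never from package metadata, so a re-published artifact under the same version string is caught at install time regardless of how briefly it was live on the index.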