Mercor Confirms Cyberattack After LiteLLM Supply Chain Breach

According to SlowMist CISO 23pds, Mercor confirmed a cyberattack after the open-source Python library LiteLLM was compromised, with SlowMist previously warning that attackers stole about 300GB of data.

Summary

Mercor confirmed it was affected by a cyberattack tied to a supply chain breach involving the open-source Python library LiteLLM. SlowMist CISO 23pds disclosed the incident on X on April 2. SlowMist had previously warned on March 25 that attackers stole about 300GB of data. The update indicates the breach was linked to compromised third-party software rather than an isolated direct intrusion.

Terms & Concepts
  • Supply chain breach: A cyberattack that compromises a trusted external vendor, library, or service to gain access to downstream users or systems.