Mercor Hit by Cyberattack Linked to LiteLLM Open Source Compromise

TLDR

AI recruiting startup Mercor has confirmed experiencing a security incident after an extortion-focused hacking group claimed responsibility for stealing data from the company's systems. The breach is connected to a compromise of LiteLLM, a widely-used open-source software project.

The breach demonstrates how compromises in widely-used open-source projects can create cascading security risks for organizations integrating those tools into their infrastructure.

Key Takeaways

• AI recruiting startup Mercor confirmed a security breach tied to a compromise of the open-source LiteLLM project, with an extortion hacking crew claiming responsibility