Reddit
Mercor Confirms 4TB Data Breach via LiteLLM Supply Chain Attack — Lapsus$ Claims Responsibility
AI recruiting startup Mercor ($10B valuation) confirmed a security incident from a supply chain attack on open-source LiteLLM proxy. Attackers compromised Trivy's GitHub Actions workflow, stole LiteLLM's PyPI publishing token, and pushed malicious versions (1.82.7/1.82.8) that exfiltrated SSH keys, .env files, cloud credentials, and crypto wallets. Lapsus$ claims 4TB of Mercor data including source code and databases. LiteLLM is downloaded millions of times daily — Mercor says it was 'one of thousands of companies' affected.
Source
↳ Follow the thread