Mercor Hit by Supply Chain Attack via LiteLLM Breach - The Tech Buzz
An extortion group executed a supply chain attack by compromising the open-source LiteLLM project, a widely used AI model API proxy. The breach led to the theft of sensitive data from AI recruiting startup Mercor, underscoring systemic vulnerabilities in the AI industry's reliance on unvetted open-source dependencies.