US EditionMercor Targeted in LiteLLM Supply Chain Attack
Mercor said it was one of thousands of companies affected, while Lapsus$ claimed 4 TB of data and source code from the startup.
- AI hiring startup Mercor confirmed on Tuesday it was "one of thousands of companies" affected by a supply chain attack involving LiteLLM, part of a campaign also targeting Telnyx and Trivy.
- The campaign originated in late February when attackers exploited a misconfiguration in the GitHub Actions environment for Trivy, an open source vulnerability scanner maintained by Aqua Security, to steal privileged access tokens.
- Mandiant Consulting CTO Charles Carmakal estimated over 1,000 SaaS environments are currently dealing with the threat, warning that downstream victims could expand to "another 500, another 1,000, maybe another 10,000."
- Extortion group Lapsus$ claimed responsibility for a data breach at Mercor, sharing samples of stolen files, though Mercor spokesperson Heidi Hagberg declined to confirm if customer or contractor data was misused.
- Collaborating with ransomware gangs including CipherForce and Vect, TeamPCP is leveraging access to leak data and extort victims, with researchers warning these groups are "exceptionally aggressive with their extortion.
28 Articles
28 Articles
Mercor, a $10 billion AI startup, confirms it was caught up in a major security incident
Mercor, a startup that provides training data to major AI companies, confirmed that it was the victim of a security breach that may have exposed sensitive company and user data. The three-year old startup, which is valued at $10 billion, recruits experts in fields ranging from medicine to law to literature, to help provide data the improves the capabilities of AI modes. Its customers include Anthropic, OpenAI , and Meta. According to unconfirmed…
TechCrunch
technewstube.comMercor says it was hit by cyberattack tied to compromise of open-source LiteLLM project
The AI recruiting startup confirmed a security incident after an extortion hacking crew took credit for stealing data from the company's systems.
LAPSUS$ claims massive breach of AI hiring startup Mercor, says 4TB of data taken via Tailscale VPN - Tech Startups
A cybercrime group with a track record of hitting some of tech’s biggest names says it has struck again—this time going after one of the fastest-growing companies in the AI talent pipeline. Posts circulating across X and Reddit point to […] The post LAPSUS$ claims massive breach of AI hiring startup Mercor, says 4TB of data taken via Tailscale VPN first appeared on Tech Startups.
Experts warn of a ‘loud and aggressive’ extortion wave following Trivy hack
SAN FRANCISCO — Mandiant is responding to a major, ongoing supply-chain attack involving the compromise of Trivy, a widely used open-source tool from Aqua Security that’s designed to find vulnerabilities and misconfigurations in code repositories. The fallout from the attack spree, which was first detected March 19, is extensive and poses substantial risk for follow-on compromises and threatening extortion attempts. “We know over 1,000 impacted…
Coverage Details
Bias Distribution
- 83% of the sources are Center
Factuality
To view factuality data please Upgrade to Premium
