Mercor Breached Via LiteLLM Supply Chain Attack
AI recruiting startup Mercor confirmed a breach after attackers compromised the LiteLLM open-source package on PyPI using a maintainer's stolen credentials. Two malicious versions - 1.82.7 and 1.82.8 - were live for roughly 40 minutes, but that was enough. LiteLLM sits in an estimated 36% of cloud environments, and vx-underground estimates data was exfiltrated from 500,000 machines. Lapsus$ is now auctioning 4 terabytes of Mercor data including candidate profiles, video interviews, source code, credentials, and Tailscale VPN access. The attack chain traced back to a broader Trivy supply chain compromise mounted the week before. AI infrastructure has a growing dependency on a handful of open-source Python packages - LiteLLM, LangChain, transformers - and the supply chain attack surface is expanding faster than security auditing can keep up.
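For teams checking their own exposure, the following added example (not code from the article or from the LiteLLM project) scans requirements-style and poetry.lock-style text for the two versions named above. The function names, the `SAMPLE` input and the choice of file formats are assumptions made for illustration.

```python
import re

# Package name and malicious versions as given in the article above.
COMPROMISED = {"litellm": {"1.82.7", "1.82.8"}}
# requirements.txt / pip freeze: name, optional [extras], then the specifier
REQ = re.compile(r"^\s*([A-Za-z0-9][\w.-]*)\s*(?:\[[^\]]*\])?\s*([^;#]*)")
# poetry.lock-style lines: name = "..." followed by version = "..."
TOML = re.compile(r'^\s*(name|version)\s*=\s*"([^"]+)"\s*$')
# Constructed sample input, not taken from any real project.
SAMPLE = 'requests==2.32.0\nLiteLLM[proxy]==1.82.8  # pinned\nlitellm>=1.80\n'

def normalize(name):
    """PEP 503: compare case-insensitively, treat runs of - _ . as one dash."""
    return re.sub(r"[-_.]+", "-", name).lower()

def verdict(name, spec):
    """'compromised' = pinned to a bad release; 'unpinned' = file cannot tell."""
    bad = COMPROMISED.get(normalize(name))
    if bad is None:
        return None
    m = re.fullmatch(r"===?\s*([\w.!+*-]+)", spec.strip())
    if not m:  # bare name or range (ranges are not evaluated here)
        return "unpinned"
    pin = m.group(1)
    if pin.endswith(".*"):  # e.g. ==1.82.* could have resolved to a bad release
        return "unpinned" if any(v.startswith(pin[:-1]) for v in bad) else None
    return "compromised" if pin in bad else None

def scan(text):
    """Return [(line_no, package, spec, verdict)] for a requirements/lock file."""
    hits, name = [], None
    for no, line in enumerate(text.splitlines(), 1):
        t, r = TOML.match(line), REQ.match(line)
        if t and t.group(1) == "name":
            name = t.group(2)
            continue
        if t:  # version line: pair it with the preceding name line
            pkg, spec, name = name or "", "==" + t.group(2), None
        elif r:
            pkg, spec = r.group(1), r.group(2).strip()
        else:
            continue
        v = verdict(pkg, spec)
        if v:
            hits.append((no, normalize(pkg), spec, v))
    return hits

if __name__ == "__main__":
    for hit in scan(SAMPLE):
        print(hit)
```

An `unpinned` verdict means the file alone cannot show which release was resolved, so the version actually installed in that environment still has to be checked.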