EarlyNarratives
Pricing
Start free trialSign in
Start free trialSign in
Signal

Mercor targeted in LiteLLM supply chain attack amid rising software supply chain threats

Evidence first: scan the strongest sources, then decide whether to go deeper.

Published 2026-04-01 18:58 UTCUpdated 2026-04-02 15:16 UTC
rss
cveexploitsbreachesmalwarethreat_actorssecurity_tooling
Source links open
Source links and full evidence are open here. Archive history, compare-over-time, alerts, exports, API, integrations, and workflow are paid.
BackEvidence (2)Get the free brief by emailStart free trial
No card needed for the free brief.
Evidence trail (top sources)
top sources (2 domains)domains are deduped. counts indicate coverage, not truth.
2 top sources shown
Mercor Hit by LiteLLM Supply Chain Attack
SecurityWeek · News · securityweek.com · 2026-04-02 10:42 UTC
limited source diversity in top sources
View all evidence
Overview

Mercor, an AI recruiting firm, is investigating a supply chain attack involving LiteLLM after Lapsus$ claimed theft of 4TB of data.

Entities
MercorLiteLLM
Score total
0.96
Momentum 24h
2
Posts
2
Origins
2
Source types
1
Duplicate ratio
0%
Why now
  • Recent attacks on Mercor and others show an accelerating trend in supply chain compromises.
  • The volume of stolen data and secrets is unprecedented, raising immediate risk levels.
  • Threat actors linked to nation-states and cybercrime groups are actively exploiting these vulnerabilities.
Why it matters
  • Supply chain attacks compromise trusted software components, amplifying impact across many organizations.
  • Exposed secrets from these attacks can enable further intrusions, ransomware, and financial theft.
  • Understanding these incidents helps improve defenses and incident response strategies.
LLM analysis
Topic mix: lowPromo risk: lowSource quality: medium
Recurring claims
  • Software supply chain attacks are increasing and linked to multiple threat actors, exposing large volumes of sensitive data.
  • Mercor was hit by a LiteLLM supply chain attack resulting in the theft of 4TB of data claimed by Lapsus$.
How sources frame it
  • SecurityWeek: neutral
  • Help Net Security: neutral
All evidence
All evidence
Software supply chain hacks trigger wave of intrusions, data theft
Help Net Security · helpnetsecurity.com · 2026-04-02 15:16 UTC
Mercor Hit by LiteLLM Supply Chain Attack
SecurityWeek · securityweek.com · 2026-04-02 10:42 UTC
Show filters & breakdown
Posts loaded: 0Publishers: 2Origin domains: 2Duplicates: -
Showing 2 / 0
Top publishers (this list)
  • Help Net Security (1)
  • SecurityWeek (1)
Top origin domains (this list)
  • helpnetsecurity.com (1)
  • securityweek.com (1)