
Mercor Hit by LiteLLM Supply Chain Attack


AI recruiting firm Mercor has disclosed impact from the recent LiteLLM supply chain attack, after extortionists claimed the theft of 4 terabytes of data.

The LiteLLM incident occurred on March 27 and was the result of the Trivy supply chain attack that was mounted a week before.

“We believe that the compromise originated from the Trivy dependency used in our CI/CD security scanning workflow,” LiteLLM notes in its description of the incident.

Using a maintainer’s compromised credentials, the TeamPCP hacking group published two malicious LiteLLM PyPI package versions, namely 1.82.7 and 1.82.8, which were available for download for roughly 40 minutes.

LiteLLM is estimated to be present in 36% of cloud environments, and while the exposure window appears small, the malicious package versions were likely automatically downloaded by thousands, including Mercor.
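As an added example (not code from LiteLLM, Mercor or SecurityWeek), the following Python check audits a requirements or pip-freeze listing for the two malicious versions named above, and separately flags floating litellm specifiers, since an unpinned or ranged requirement is what let automated installs pull the bad releases during the short window; the requirements text is constructed for illustration.

```python
"""Audit dependency lists for the malicious LiteLLM releases (1.82.7, 1.82.8).
Added example; the sample requirements below are constructed, not a real lockfile."""
import re

# Versions the article reports as malicious (published from a compromised
# maintainer account and available on PyPI for roughly 40 minutes).
MALICIOUS_LITELLM_VERSIONS = frozenset({"1.82.7", "1.82.8"})

# Matches one PEP 508 requirement: name, optional extras, optional first
# version specifier. Environment markers and comments are stripped first.
_REQ_RE = re.compile(
    r"^(?P<name>[A-Za-z0-9][A-Za-z0-9._-]*)"        # distribution name
    r"(?:\[[^\]]*\])?"                               # optional extras, e.g. [proxy]
    r"\s*(?:(?P<op>===|==|~=|!=|<=|>=|<|>)\s*(?P<version>[^\s;,]+))?"
)

def normalize_name(name: str) -> str:
    """PEP 503 normalisation: case-insensitive, '-', '_' and '.' equivalent."""
    return re.sub(r"[-_.]+", "-", name).lower()

def audit_requirements(text: str) -> dict[str, list[tuple[int, str]]]:
    """Classify every litellm line in a requirements/pip-freeze listing.
    'malicious': exact pin (==) to a known-bad release -> (line_no, version)
    'floating' : any other specifier or bare name -> (line_no, requirement);
                 an automated install of such a line during the exposure
                 window would have resolved to the newest (malicious) release.
    """
    result: dict[str, list[tuple[int, str]]] = {"malicious": [], "floating": []}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()          # drop comments
        if not line or line.startswith("-"):         # skip blanks and pip options (-r, -e)
            continue
        m = _REQ_RE.match(line)
        if not m or normalize_name(m.group("name")) != "litellm":
            continue
        op, ver = m.group("op"), m.group("version")
        if op == "==" and ver in MALICIOUS_LITELLM_VERSIONS:
            result["malicious"].append((lineno, ver))
        elif op != "==":
            result["floating"].append((lineno, line))
    return result

SAMPLE_REQUIREMENTS = """\
# constructed sample, not a real lockfile
fastapi==0.110.0
litellm==1.82.7            # pinned to a malicious release
LiteLLM[proxy]==1.82.8 ; python_version >= "3.9"
litellm>=1.80              # floating: resolves to whatever is newest at install time
openai==1.30.0
"""

if __name__ == "__main__":
    print(audit_requirements(SAMPLE_REQUIREMENTS))
```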

“We recently identified that we were one of thousands of companies impacted by ...


Copyright of this story solely belongs to SecurityWeek.