Mercor Hit by Cyberattack Linked to Compromised Open-Source LiteLLM Project

Mercor Confirms Cyberattack Tied to Supply Chain Compromise of Open-Source LiteLLM ProjectY Combinator-backed AI recruiting startup Mercor has disclosed that it was impacted by a sophisticated supply chain attack originating from a compromise of the widely used open-source project LiteLLM.The incident, which surfaced in late March 2026, involved malicious code being injected into two versions of the LiteLLM Python package (1.82.7 and 1.82.8) on PyPI. Mercor stated it was “one of thousands of companies” affected by the breach, which has been linked to the hacking group TeamPCP.How the Attack UnfoldedLiteLLM, a popular AI gateway library that helps developers route requests across multiple large language models (LLMs), sees millions of downloads daily. Attackers reportedly gained access to the project’s publishing credentials through a prior compromise in its CI/CD pipeline (linked to the Trivy security scanner).The malicious versions contained a backdoor that harvested credentials, enabled lateral movement, and established persistence on affected systems. The compromised packages were available for a short window before being removed, but any organization that installed them during that period became vulnerable.Impact on MercorMercor, valued at around $10 billion, uses LiteLLM as part of its AI-powered recruiting platform. The company confirmed the security incident resulted in unauthorized access, with potential exposure of proprietary source code, internal databases, and user-verification data.An extortion group (reportedly linked to Lapsus$) later claimed responsibility and began leaking some internal data, including Slack messages and AI contractor videos, adding pressure on the startup.Why This Matters for the AI EcosystemThis attack highlights the growing risks of supply chain attacks in the AI industry. Open-source tools like LiteLLM are foundational for many AI applications, yet they can become single points of failure when compromised.Thousands of organizations worldwide may have been exposed, underscoring the need for stricter dependency management, version pinning, and continuous monitoring of open-source components.LiteLLM quickly responded by removing the malicious packages and issuing security guidance, but the incident serves as a wake-up call for AI companies to treat open-source dependencies with the same scrutiny as commercial software.As investigations continue, Mercor and other affected firms are working to contain the breach and strengthen their security posture.