
Mercor says it was hit by cyberattack tied to compromise of open source LiteLLM project

Read the full article on TechCrunch.

What Happened

The AI recruiting startup confirmed a security incident after an extortion hacking crew took credit for stealing data from the company's systems.

Our Take

Look, LiteLLM's a useful tool — it standardizes API calls across Claude, GPT, Gemini, whatever. But every abstraction layer is a supply chain attack vector, and Mercor just learned that the hard way. Some hacking crew pwned the company because they trusted OSS that wasn't audited hard enough.

The real issue isn't that open source is insecure — it's that AI companies are shipping OSS and connecting it straight to production data, assuming someone else is watching. Nobody's watching. You are.

If you're pulling LiteLLM into your stack, you've accepted the risk. The question is whether you've isolated it properly.

What To Do

Audit every third-party LLM dependency you're running. See what data it touches.

Builder's Brief

Who: teams running LiteLLM or any OSS AI gateway or proxy in production

What changes: dependency pinning and supply-chain audits become non-negotiable for any AI middleware touching sensitive data

When: now

Watch for: LiteLLM publishing a formal security advisory or CVE with affected version ranges

What Skeptics Say

Every AI startup running LiteLLM or similar OSS proxy layers has the same exposure; this is not an edge case but a preview of systematic supply-chain risk across the AI middleware ecosystem that most teams have not audited.

2 comments

Priya Subramaniam

if you're using litellm in prod go audit your deps right now. not joking

Oskar Lindqvist

supply chain attack on one of the most widely used llm proxy libs. this is bad
