Mercor, an AI recruiting startup that connects domain experts with companies such as OpenAI and Anthropic, disclosed a security incident linked to a supply‑chain attack on the open‑source LiteLLM project. The breach, attributed to the hacking group TeamPCP, affected thousands of organizations and coincided with claims by the extortion group Lapsus$ that it had accessed Mercor's data. Mercor said it moved quickly to contain the incident, engaged leading third‑party forensics experts, and continues to communicate with customers and contractors while investigations proceed. Read more →