Startup Hit by AI Supply-Chain Attack
AI startup Mercor has been caught in a major AI supply-chain attack tied to the compromised LiteLLM library, a widely used integration tool downloaded millions of times daily. The malicious code harvested credentials and created a pathway for broader compromise, with threat groups like TeamPCP and LAPSUS$ reportedly leveraging the access to steal sensitive datasets, source code, and internal communications. Early indications suggest terabytes of data may be involved, raising concerns about exposure of proprietary AI models, training data, and confidential projects.
This incident underscores a rapidly escalating threat: AI supply chains are now prime targets, where a single poisoned dependency can cascade across thousands of companies simultaneously. Unlike traditional breaches, these attacks compromise data pipelines, model training inputs, and API integrations, putting not just systems — but entire AI ecosystems — at risk. With attackers increasingly coordinating supply-chain access + extortion campaigns, organizations face prolonged exposure, delayed detection, and massive downstream impact similar to past events like MOVEit, which affected nearly 100 million individuals.
The only scalable defense is an AI-native security and observability platform like NIKSUN that is purpose-built for AI and software supply chains. By leveraging AI/ML-driven behavioral analytics, real-time dependency monitoring, and full-stack correlation across code execution, API calls, identity access, and network traffic (L2–L7), organizations can detect malicious package behavior, credential abuse, and data exfiltration instantly. With AI-powered threat intelligence, automated risk scoring, and autonomous response, enterprises gain end-to-end visibility — from code ingestion to model deployment — enabling them to secure AI pipelines, protect sensitive datasets, and stop supply-chain-driven attacks before they spread across the ecosystem. Read more about this story on our LinkedIn page
This incident underscores a rapidly escalating threat: AI supply chains are now prime targets, where a single poisoned dependency can cascade across thousands of companies simultaneously. Unlike traditional breaches, these attacks compromise data pipelines, model training inputs, and API integrations, putting not just systems — but entire AI ecosystems — at risk. With attackers increasingly coordinating supply-chain access + extortion campaigns, organizations face prolonged exposure, delayed detection, and massive downstream impact similar to past events like MOVEit, which affected nearly 100 million individuals.
The only scalable defense is an AI-native security and observability platform like NIKSUN that is purpose-built for AI and software supply chains. By leveraging AI/ML-driven behavioral analytics, real-time dependency monitoring, and full-stack correlation across code execution, API calls, identity access, and network traffic (L2–L7), organizations can detect malicious package behavior, credential abuse, and data exfiltration instantly. With AI-powered threat intelligence, automated risk scoring, and autonomous response, enterprises gain end-to-end visibility — from code ingestion to model deployment — enabling them to secure AI pipelines, protect sensitive datasets, and stop supply-chain-driven attacks before they spread across the ecosystem. Read more about this story on our LinkedIn page