Brief

last 24h

[2/2] 222 sources

Multi-source AI news clustered, deduplicated, and scored 0–100 across authority, cluster strength, headline signal, and time decay.

TOOL · dev.to — LLM tag English(EN) · 6d · [3 sources]

Mercor AI’s 4TB Data Breach: How a LiteLLM Supply Chain Attack Exposed a Hidden Meta Partnership

A significant data breach at Mercor AI, involving approximately 4TB of data, has been attributed to a compromised LiteLLM-style routing layer. This incident highlights a critical LLM supply chain vulnerability, where intermediary components like routers become high-value targets. The breach not only exposed sensitive data but also revealed an undisclosed partnership with Meta, underscoring the risks of integrating third-party tools into AI infrastructure. AI

IMPACT Highlights critical LLM supply chain risks, emphasizing that intermediary components like routers are prime targets for data exfiltration and strategic leaks.
- Meta
- LiteLLM
- OWASP
- Mercor AI
COMMENTARY · Ben's Bites English(EN) · 1mo

One breach after another

A series of security vulnerabilities have recently emerged, impacting various AI and software development tools. Railway experienced an accidental data exposure, while Mercor AI is reportedly breached. Notably, the source code for Claude Code was leaked, prompting community efforts to preserve it. Additionally, Axios was compromised via a hijacked GitHub account affecting its npm package, highlighting the risks in software supply chains and the importance of sandboxing for AI agents. AI

IMPACT Highlights the critical need for robust security measures and sandboxing in AI development tools due to increasing supply chain risks and code leaks.
- Gemini
- Codex
- Stanford
- GitHub
- Claude Code
- Railway
- Shopify
- Stripe
- Supabase
- Posthog
- Axios
- Mercor AI
- PlanetScale
- Ben's Bites
- Clerk

Brief

Mercor AI’s 4TB Data Breach: How a LiteLLM Supply Chain Attack Exposed a Hidden Meta Partnership

One breach after another