VulnHub

Real-time Cybersecurity News

AI Firm Mercor Confirms Breach as Hackers Claim 4TB of Stolen Data

Hackread – Cybersecurity News, Data Breaches, AI and More
Actively Exploited
ExploitData Breach

Overview

Mercor, an AI firm, has confirmed a significant data breach linked to a supply chain attack involving LiteLLM. Hackers claim to have stolen 4TB of sensitive data, which may include internal systems and proprietary information. This breach raises serious concerns about the security of supply chain processes, as attackers often exploit vulnerabilities in third-party software to gain access to larger networks. Companies that rely on LiteLLM and similar technologies should be particularly vigilant and assess their security measures. The implications of such a large data theft could be severe, affecting not only Mercor but also its clients and partners who may be at risk of data exposure or further attacks.

Key Takeaways

  • Active Exploitation: This vulnerability is being actively exploited by attackers. Immediate action is recommended.
  • Affected Systems: LiteLLM supply chain, Mercor's internal systems, sensitive data
  • Action Required: Companies should review their supply chain security practices, implement stronger access controls, and monitor for unusual activity.
  • Timeline: Newly disclosed

Original Article Summary

AI firm Mercor confirms a breach linked to a LiteLLM supply chain attack, as hackers claim to have stolen 4TB of sensitive data and internal systems.

Impact

LiteLLM supply chain, Mercor's internal systems, sensitive data

Exploitation Status

This vulnerability is confirmed to be actively exploited by attackers in real-world attacks. Organizations should prioritize patching or implementing workarounds immediately.

Timeline

Newly disclosed

Remediation

Companies should review their supply chain security practices, implement stronger access controls, and monitor for unusual activity. Specific patches or updates were not mentioned.

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Related Topics: This incident relates to Exploit, Data Breach.

Read Original Article

Related Coverage

BrowserGate: LinkedIn Tracks 6,000+ Browser Extensions on Users’ PCs

Hackread – Cybersecurity News, Data Breaches, AI and More

LinkedIn is facing scrutiny after a report revealed that it tracks over 6,000 browser extensions installed on users' devices. This practice raises serious privacy concerns, as many users may not be aware that their browsing habits could be monitored through these extensions. The BrowserGate report emphasizes that such extensive tracking can lead to potential misuse of personal data. Users of LinkedIn, especially those who rely on various browser extensions for productivity, should be aware of this issue and consider the implications for their privacy. The situation calls for a closer examination of data collection practices by major platforms and how they handle user consent.

Apr 5, 2026

Hackers exploit React2Shell in automated credential theft campaign

BleepingComputer

Hackers are actively exploiting a vulnerability known as React2Shell (CVE-2025-55182) to automate the theft of user credentials from Next.js applications. This attack targets systems that have not been updated or patched against this specific vulnerability, making them susceptible to unauthorized access. Researchers have observed that this campaign is widespread, indicating that many developers using vulnerable versions of Next.js may be at risk. The implications are significant, as stolen credentials can lead to account takeovers and further breaches within organizations. Companies using Next.js should prioritize updating their applications to mitigate this threat and protect user data.

Apr 5, 2026

Axios npm hack used fake Teams error fix to hijack maintainer account

BleepingComputer

The Axios HTTP client development team reported that one of their developers fell victim to a social engineering attack, likely orchestrated by North Korean hackers. The attackers used a fake Teams error message to gain access to the maintainer's account, which allowed them to compromise the project. This incident raises concerns about the security of widely-used open-source software, as it demonstrates how easily social engineering tactics can lead to significant breaches. Users and developers of Axios should be aware of these tactics and implement stronger security measures to protect their accounts and projects. The incident serves as a reminder of the persistent threat posed by state-sponsored hacking groups.

Apr 4, 2026

Qilin ransomware group claims the hack of German political party Die Linke

Security Affairs

The Qilin ransomware group has claimed responsibility for a data breach involving Die Linke, a left-wing political party in Germany. The group announced that they have stolen sensitive data from the party and are threatening to make it public unless their demands are met. While Die Linke has confirmed that the incident occurred, they have stated that there was no breach of their systems. This incident raises concerns about the cybersecurity of political organizations, especially given the sensitive nature of the data involved. The threat of public data leaks can have serious implications for political entities, affecting both their reputation and operational integrity.

Apr 4, 2026

European Commission breach exposed data of 30 EU entities, CERT-EU says

Security Affairs

A breach involving the European Commission's cloud infrastructure has resulted in the exposure of sensitive data from at least 30 EU entities. The incident was linked to the TeamPCP hacking group, which is known for targeting various organizations. CERT-EU, the Computer Emergency Response Team for the EU, confirmed this breach and made the information public on March 27. This incident raises significant concerns about the security of sensitive government data and the potential for further exploitation of the exposed information. Organizations within the EU must assess their security measures to prevent similar breaches in the future.

Apr 4, 2026

Inconsistent Privacy Labels Don't Tell Users What They Are Getting

darkreading

The article discusses the shortcomings of data privacy labels for mobile apps, emphasizing that while the concept is beneficial, the current implementations fail to provide clear and useful information to users. Researchers found that inconsistencies in how these labels are presented can lead to confusion about what data is collected and how it is used. This lack of clarity can affect user trust and decision-making regarding app downloads. The article calls for improvements in the labeling process to ensure users are better informed about their privacy. Ultimately, enhancing these labels is crucial for protecting user data and fostering a safer digital environment.

Apr 3, 2026