mercor

The AI Training Pipeline Just Became a High-Value Target

John Z Black Apr 6, 2026

Incidents & Breaches #supply-chain #ai-security #litellm #mercor #lapsus$ #teampcp

A trojanized LiteLLM package hit Mercor, the AI training vendor shared by OpenAI, Anthropic, and Meta, exposing the massive concentration risk in the AI supply chain.

TeamPCP's First Confirmed Victim Lost Passport Scans and Video Interviews

John Z Black Apr 2, 2026

Incidents & Breaches #teampcp #supply-chain #mercor #lapsus #data-breach #biometric-data #litellm

AI hiring platform Mercor confirmed a breach tied to the LiteLLM compromise. The stolen data includes passport scans and video interviews you can't exactly rotate like a password.