In yet another instance of threat actors quickly jumping on the exploitation bandwagon, a newly disclosed critical security flaw in BerriAI's LiteLLM Python package has come under active exploitation ...

The vulnerability allows attackers to read data from a LiteLLM proxy’s database and potentially modify it. A critical-severity vulnerability in the open source AI gateway LiteLLM was exploited days ...

Hackers are targeting sensitive information stored in the LiteLLM open-source large-language model (LLM) gateway by exploiting a critical vulnerability tracked as CVE-2026-42208. The flaw is an SQL ...

Joe Supan is a senior writer for CNET covering home technology, broadband, and moving. Prior to joining CNET, Joe led MyMove's moving coverage and reported on broadband policy, the digital divide, and ...

Meta has paused all its work with the data contracting firm Mercor while it investigates a major security breach that impacted the startup, two sources confirmed to WIRED. The pause is indefinite, the ...

Sophisticated cyberattacks targeting a variety of open source projects, including the Trivy security-scanner project, the widely used Axios Javascript package, and now Anthropic's accidental ...

The AI recruiting firm is investigating the incident as Lapsus$ claimed the theft of 4TB of Mercor data. AI recruiting firm Mercor has disclosed impact from the recent LiteLLM supply chain attack, ...

A couple of days ago, a group of hackers known as TeamPCP pulled off a ballsy supply chain attack against a core piece of AI infrastructure. They targeted LiteLLM, a super popular open-source API ...

Mercor, a popular AI recruiting startup, has confirmed a security incident linked to a supply chain attack involving the open source project LiteLLM. The AI startup told TechCrunch on Tuesday that it ...

This is one of those Silicon Valley real-life episodes that seem pulled from the HBO satire show. This week, some really atrocious malware was discovered in an open source project developed by Y ...