April 2, 2026
From supply chain to blame chain
Mercor says it was hit by cyberattack tied to LiteLLM compromise
Hackers crash Mercor’s AI hiring party; the comments go nuclear
TLDR: Mercor says it was hit via a tainted open‑source tool used by many companies, while hackers boast about stolen data and investigators untangle the path. The comments roast weak container security, mock “compliance musical chairs,” and demand real transparency—because if this chain breaks, a lot of tech rides with it.
Mercor says it got swept up in a supply‑chain ambush tied to popular open‑source tool LiteLLM, while the extortion crew Lapsus$ is bragging that it grabbed Mercor’s data. Translation: a “who actually got in and how?” whodunnit. The community’s verdict? Open‑source domino falls, everyone scrambles, and the compliance dance begins.
Security folks are dunking hard on the basics. One top‑liked zinger: “Docker is not a strong security boundary.” In plain English: containers are more like thin cubicle walls than bank vaults—stop treating them like force fields. Several linked to Google’s explainer on container limits (source) and rolled eyes at any “but we had a sandbox” defense.
Meanwhile, the compliance subplot is pure internet theater. LiteLLM switched from Delve to Vanta, and commenters laughed that the leaked Delve customer list is basically a hacker’s buffet menu. One called it “compliance musical chairs,” another joked that security by spreadsheet is not a vibe. Checkbox certs ≠ safety, the crowd chants.
Then the creator drama: a maintainer fires back that only “10% of code is written by agents,” insisting human‑written code is being unfairly blamed. It’s open‑source pride vs. armchair autopsies, and it’s getting spicy.
Amid the memes, a sober take lands: tools touching sensitive data must be crystal clear about where that data goes. With Mercor paying out $2M a day and working with AI giants, the stakes are sky‑high—and so are the comments.
Key Points
- Mercor confirmed a security incident linked to the LiteLLM supply chain compromise attributed to TeamPCP.
- Lapsus$ claimed it targeted Mercor and posted a data sample; how it obtained any data is unclear.
- Mercor says it contained and is remediating the incident with third-party forensics and ongoing communications.
- LiteLLM’s malicious code was removed within hours, but its broad use (millions of daily downloads) raised concern, per Snyk.
- LiteLLM shifted compliance providers from Delve to Vanta; the number of affected companies and any data exposure remain unclear.