Cybersecurity Alert: North Korea-Linked Hackers Target AI Supply Chain in Major Breaches
Cybersecurity experts are warning of a new wave of supply-chain attacks linked to North Korean hackers, who have compromised open-source AI tools to target major tech companies. The LiteLLM open-source AI library was exploited in an attack targeting AI startup Mercor, exposing 4TB of sensitive data. WhatsApp has also notified users of a fake app linked to government spyware, while Hasbro reported a hack that could take weeks to recover from.
Cybersecurity experts are raising alarms about a sophisticated wave of supply-chain attacks targeting the AI ecosystem, with links to North Korean state-sponsored hackers.
**LiteLLM Supply-Chain Attack**
An open-source AI tooling library called LiteLLM was exploited in a supply-chain attack targeting AI startup Mercor, which works with OpenAI, Anthropic, and Meta. Mercor confirmed the breach, potentially exposing 4TB of sensitive customer and user data, including candidate information and source code.
**Axios Compromise**
Hackers linked to North Korea also compromised Axios, an open-source software component, by inserting malicious code into an update, creating a potential supply-chain attack path that could affect thousands of downstream users.
**WhatsApp Spyware Warning**
WhatsApp notified users of a fake app linked to government spyware, urging users to only download the official application from verified sources. The warning highlights the ongoing threat of state-sponsored surveillance tools targeting messaging platforms.
**Hasbro Hack**
Hasbro reported a significant hack that could take weeks to recover from, underscoring that cybersecurity threats extend well beyond the tech sector to consumer brands and entertainment companies.
**Hims & Hers Breach**
Hims & Hers confirmed a breach of its third-party customer support platform, where attackers stole support tickets containing personal information through social engineering, though medical records were not affected.
**Apple Vulnerability Patched**
Apple patched a vulnerability in Spotlight plugins that could have allowed access to files and data cached by Apple Intelligence, including geolocation and facial recognition details, highlighting new local attack paths created by on-device AI features.
**Expert Recommendations**
Security experts recommend organizations audit their open-source dependencies, implement software bill of materials (SBOM) practices, and maintain strong incident response plans to address the growing threat of AI supply-chain attacks.
