theAIcatchup

Malicious Axios npm package details showing hidden plain-crypto-js dependency

Axios Supply Chain Hack Poisons 100M Weekly Downloads with RAT Malware

Everyone figured npm packages were battle-tested safe havens for JavaScript devs. Wrong. This Axios breach — hitting a library with 100 million weekly pulls — just flipped the script on supply chain trust.

3 min read 2 days, 1 hour ago

Mercor AI recruiting platform interface with red cyberattack alert overlay and leaked data samples

AI Hardware

Mercor's AI Gold Rush Stumbles into Hacker Hell via LiteLLM Breach

Hackers just dumped Mercor's Slack chats and contractor vids online. The $10B AI recruiter? Yeah, they're scrambling after a sneaky LiteLLM supply chain hit.

4 min read 2 days, 1 hour ago

#supply chain attack

Axios Supply Chain Hack Poisons 100M Weekly Downloads with RAT Malware

Mercor's AI Gold Rush Stumbles into Hacker Hell via LiteLLM Breach

Stay in the loop