Mercor says it was hit by cyberattack tied to compromise LiteLLM

> The incident also prompted LiteLLM to make changes to its compliance processes, including shifting from controversial startup Delve to Vanta for compliance certifications.

This is pretty funny.

The leaked excel sheet with customers of Delve is basically a shortlist of targets for hackers to try now. Not that they necessarily have bad security, but you can play the odds

This is a good reminder that any tool handling sensitive data — even internal ones — needs to be transparent about where data goes. The assumption that SaaS tools protect your data is getting harder to defend.

Another day another reminder to use a sandbox for software development as a defense-in-depth measure

https://github.com/ashishb/amazing-sandbox

[dead]

[dead]