isc.sans.edu, 4/1/2026, 2:23:33 PM

TeamPCP Supply Chain Campaign: Update 005 - First Confirmed Victim Disclosure, Post-Compromise Cloud Enumeration Documented, and Axios Attribution Narrows, (Wed, Apr 1st)

CyberSIXT Evidence Panel
Primary source: docs.litellm.ai

Mercor AI publicly confirmed that it was breached as a direct consequence of the LiteLLM supply chain compromise, making it the first organisation to officially acknowledge being victimised through the TeamPCP campaign. TechCrunch reported on March 31 that LAPSUS$ claims to have exfiltrated roughly 4 TB of data.

Wiz CIRT published its post-compromise findings on the attackers' AWS and cloud activity, the first detailed public account of TeamPCP post-compromise behaviour. The findings include validation of harvested credentials with TruffleHog, a 24-hour operational tempo, and discovery focused on IAM, ECS and Lambda.
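The pattern above (a stolen key is validated, then used to map IAM, ECS and Lambda) is detectable in CloudTrail. The following is an added example, not code from the ISC diary, Wiz CIRT or TruffleHog. TruffleHog validates AWS keys by calling sts:GetCallerIdentity, so the heuristic flags an access key whose GetCallerIdentity is followed within a short window by read-only discovery calls spanning several services. The heuristic, the service list and the window are assumptions to tune per environment; the CloudTrail records are constructed, not real telemetry.

```python
"""Heuristic CloudTrail detector for credential validation followed by
multi-service discovery (added example; the heuristic is an assumption,
not a published Wiz CIRT detection)."""
import json
from datetime import datetime, timedelta

# Services whose read-only calls count as account mapping. Assumption: tune to
# your own environment; ec2 and s3 are included as common neighbours of the
# IAM/ECS/Lambda focus described in the diary.
DISCOVERY_SERVICES = {"iam", "ecs", "lambda", "ec2", "s3"}
READ_ONLY_PREFIXES = ("List", "Describe", "Get")

# Constructed CloudTrail records (one JSON object per line), not real telemetry.
# AKIAIOSFODNN7EXAMPLE shows the pattern; AKIAI44QH8DHBEXAMPLE is benign noise.
SAMPLE_LOG = """\
{"eventTime":"2026-03-21T03:10:02Z","eventSource":"sts.amazonaws.com","eventName":"GetCallerIdentity","sourceIPAddress":"198.51.100.23","userIdentity":{"type":"IAMUser","accessKeyId":"AKIAIOSFODNN7EXAMPLE"}}
{"eventTime":"2026-03-21T03:10:09Z","eventSource":"iam.amazonaws.com","eventName":"ListUsers","sourceIPAddress":"198.51.100.23","userIdentity":{"type":"IAMUser","accessKeyId":"AKIAIOSFODNN7EXAMPLE"}}
{"eventTime":"2026-03-21T03:10:11Z","eventSource":"iam.amazonaws.com","eventName":"ListRoles","sourceIPAddress":"198.51.100.23","userIdentity":{"type":"IAMUser","accessKeyId":"AKIAIOSFODNN7EXAMPLE"}}
{"eventTime":"2026-03-21T03:12:40Z","eventSource":"ecs.amazonaws.com","eventName":"ListClusters","sourceIPAddress":"198.51.100.23","userIdentity":{"type":"IAMUser","accessKeyId":"AKIAIOSFODNN7EXAMPLE"}}
{"eventTime":"2026-03-21T03:12:44Z","eventSource":"ecs.amazonaws.com","eventName":"DescribeTaskDefinition","sourceIPAddress":"198.51.100.23","userIdentity":{"type":"IAMUser","accessKeyId":"AKIAIOSFODNN7EXAMPLE"}}
{"eventTime":"2026-03-21T03:15:01Z","eventSource":"lambda.amazonaws.com","eventName":"ListFunctions20150331","sourceIPAddress":"198.51.100.23","userIdentity":{"type":"IAMUser","accessKeyId":"AKIAIOSFODNN7EXAMPLE"}}
{"eventTime":"2026-03-21T03:15:03Z","eventSource":"lambda.amazonaws.com","eventName":"GetFunction20150331v2","sourceIPAddress":"198.51.100.23","userIdentity":{"type":"IAMUser","accessKeyId":"AKIAIOSFODNN7EXAMPLE"}}
{"eventTime":"2026-03-21T03:40:00Z","eventSource":"ec2.amazonaws.com","eventName":"RunInstances","sourceIPAddress":"198.51.100.23","userIdentity":{"type":"IAMUser","accessKeyId":"AKIAIOSFODNN7EXAMPLE"}}
{"eventTime":"2026-03-21T08:00:00Z","eventSource":"sts.amazonaws.com","eventName":"GetCallerIdentity","sourceIPAddress":"203.0.113.5","userIdentity":{"type":"IAMUser","accessKeyId":"AKIAI44QH8DHBEXAMPLE"}}
{"eventTime":"2026-03-21T08:00:30Z","eventSource":"iam.amazonaws.com","eventName":"ListUsers","sourceIPAddress":"203.0.113.5","userIdentity":{"type":"IAMUser","accessKeyId":"AKIAI44QH8DHBEXAMPLE"}}
"""


def parse_cloudtrail(text):
    """Parse newline-delimited CloudTrail records into flattened events sorted by time."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        rec = json.loads(line)
        events.append({
            "time": datetime.strptime(rec["eventTime"], "%Y-%m-%dT%H:%M:%SZ"),
            "key": rec.get("userIdentity", {}).get("accessKeyId", "unknown"),
            "service": rec["eventSource"].split(".")[0],  # iam.amazonaws.com -> iam
            "name": rec["eventName"],
            "ip": rec.get("sourceIPAddress", ""),
        })
    return sorted(events, key=lambda e: e["time"])


def is_discovery(event):
    """Read-only call against a service we treat as account mapping."""
    return event["service"] in DISCOVERY_SERVICES and event["name"].startswith(READ_ONLY_PREFIXES)


def detect_enumeration(events, window=timedelta(minutes=30), min_services=3):
    """Return an alert for each GetCallerIdentity that is followed, within
    `window`, by discovery calls from the same key across >= `min_services`
    distinct services. Mutating calls (e.g. RunInstances) are ignored here
    and belong to a separate impact-stage rule."""
    alerts = []
    for anchor in events:
        if not (anchor["service"] == "sts" and anchor["name"] == "GetCallerIdentity"):
            continue
        deadline = anchor["time"] + window
        followers = [e for e in events
                     if e["key"] == anchor["key"]
                     and anchor["time"] < e["time"] <= deadline
                     and is_discovery(e)]
        services = sorted({e["service"] for e in followers})
        if len(services) >= min_services:
            alerts.append({
                "access_key": anchor["key"],
                "validated_at": anchor["time"].isoformat(),
                "services": services,
                "discovery_calls": len(followers),
                "source_ips": sorted({e["ip"] for e in followers} | {anchor["ip"]}),
            })
    return alerts


def scan_sample():
    """Run the detector over the constructed sample log."""
    return detect_enumeration(parse_cloudtrail(SAMPLE_LOG))


if __name__ == "__main__":
    for alert in scan_sample():
        print(json.dumps(alert, indent=2))
```

Against the constructed log only the first key is flagged: its GetCallerIdentity is followed by IAM, ECS and Lambda discovery from one IP, while the RunInstances call at the edge of the window is excluded because it is not read-only. The second key validates and lists users once, which is ordinary administrative noise and stays below the service threshold.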

The axios npm compromise has been attributed to UNC1069, a North Korean threat actor, an attribution supported by Google's Threat Intelligence Group and Elastic Security Labs. The publishing token has been traced to a long-lived npm access token harvested from CI/CD environments. LiteLLM release activity resumed after a Mandiant forensic audit, with a new clean version published on March 31, 2026, and a reminder that v1.82.7 and v1.82.8 must still be treated as compromised.

The supply chain pause now extends to about 192 hours (eight days), and the CISA KEV remediation deadline of April 8, 2026 is approaching. According to Elastic Security Labs, the axios attribution narrows the picture to DPRK UNC1069 involvement, while how the maintainer credentials were obtained remains under investigation.


Article by CyberSIXT