Cybersecurity Threats and Emerging Trends Analysis

Recent cybersecurity incidents highlight growing risks, including large-scale data breaches and sophisticated supply-chain attacks. This report examines EU data breaches, AI infrastructure vulnerabilities, geopolitical impacts, and regulatory measures.

Supply-Chain and AI Infrastructure Attacks

AI startup Mercor, valued at $10 billion, confirmed a cybersecurity incident linked to a supply-chain attack on the LiteLLM library. This widely used tool connects applications with AI services. The breach exposed sensitive data belonging to users, contractors, and partners, including Anthropic, OpenAI, and Meta.

The attack involved malicious code inserted into LiteLLM. This allowed attackers to harvest login credentials and potentially access internal systems. The TeamPCP hacking group was identified as the primary threat actor, while Lapsus$ claimed to have published leaked data samples online, including internal communications and system records.

Mercor has initiated a third-party forensic investigation and is notifying affected parties. The incident highlights the growing risks of open-source dependencies in AI supply chains. Compromised libraries can propagate across multiple organizations, leading to widespread vulnerabilities. For more information, see the Moneycontrol report.

Critical Vulnerabilities and Exploits

Trend Micro has detailed active exploitation of two unauthenticated remote code execution (RCE) vulnerabilities in on-premises Microsoft SharePoint Servers: CVE-2025-53770 and CVE-2025-53771. These vulnerabilities evolved from previously patched flaws, CVE-2025-49704 and CVE-2025-49706, which were incompletely remediated. Attackers exploit the /_layouts/15/ToolPane.aspx endpoint to bypass authentication and upload malicious ASP.NET files (e.g., spinstall0.aspx), extracting cryptographic secrets (e.g., MachineKey) to forge __VIEWSTATE payloads for RCE. Industries targeted include finance, education, energy, and healthcare. Microsoft has released patches for SharePoint Subscription Edition and Server 2019, with a Server 2016 fix pending. Trend Micro’s TippingPoint customers have been protected since May 2025. The exploit chain involves deserialization attacks and ViewState abuse, demonstrating the persistence of threat actors in weaponizing patched vulnerabilities.
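As a defender-side illustration of the chain described above, the following added example (not code from Trend Micro, Microsoft, or the original article) triages IIS W3C logs for POST requests to ToolPane.aspx and for any request to spinstall0.aspx. It assumes the log carries a #Fields header; the sample log, its IP addresses, and the result labels are constructed for the example.

```python
# Added example: triage IIS W3C logs for the two indicators named above.
TOOLPANE = "/_layouts/15/toolpane.aspx"  # SharePoint serves this under _layouts
DROPPED = "/spinstall0.aspx"             # file name reported in the write-up

# Constructed sample log, not real traffic (client IPs are documentation ranges).
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 10.0
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
2025-07-20 10:01:02 192.0.2.10 GET /_layouts/15/start.aspx - 200
2025-07-20 10:01:05 198.51.100.7 POST /sites/hr/_layouts/15/ToolPane.aspx - 200
2025-07-20 10:01:09 198.51.100.7 GET /_layouts/15/spinstall0.aspx - 200
2025-07-20 10:02:00 192.0.2.10 GET /_layouts/15/ToolPane.aspx - 401
2025-07-20 10:03:00 203.0.113.5 GET /_layouts/15/SPINSTALL0.ASPX - 404
"""


def find_hits(log_text):
    """Return (line_no, client_ip, kind) for each suspicious request."""
    fields, hits = [], []
    for line_no, line in enumerate(log_text.splitlines(), 1):
        if line.startswith("#Fields:"):
            fields = line.split()[1:]  # column layout can change mid-file
            continue
        if line.startswith("#") or not line.strip():
            continue
        values = line.split()
        if not fields or len(values) != len(fields):
            continue  # no header yet, or a truncated row
        row = dict(zip(fields, values))
        stem = row.get("cs-uri-stem", "").lower()  # IIS paths are case-insensitive
        if stem.endswith(DROPPED):
            # 200 means the file exists and was served; anything else is a probe.
            kind = "spinstall0-served" if row.get("sc-status") == "200" else "spinstall0-probe"
        elif row.get("cs-method", "").upper() == "POST" and stem.endswith(TOOLPANE):
            kind = "toolpane-post"
        else:
            continue
        hits.append((line_no, row.get("c-ip", "?"), kind))
    return hits


if __name__ == "__main__":
    for hit in find_hits(SAMPLE_LOG):
        print(hit)
```

A "spinstall0-served" hit means the dropped file answered a request, so the server's MachineKey should be treated as exposed in line with the chain described above.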

Cyber Fraud and Regulatory Actions

The Chandigarh Police uncovered a Rs 75-crore scam involving the Municipal Corporation (MC) and CREST (Chandigarh Renewable Energy and Science & Technology Promotion Society), where shell companies were used to siphon public funds.

Key findings include proxy-owned firms, fake fixed deposit receipts (FDRs) worth Rs 116 crore, and seven arrests, including bank officials and CREST project directors, with funds diverted into real estate investments.

The case exemplifies the misuse of financial systems and identity masking in large-scale fraud. For details, see the Indian Express report.

Similar fraud tactics were highlighted in a blog post on KCNET, which discussed the escalating trends in financial fraud. These incidents underscore the need for stricter regulatory measures and enhanced cybersecurity protocols to prevent such scams. For a deeper dive into cybersecurity threats and fraud alerts, refer to our article on cyber fraud and geopolitical threats.

Final words

The recent cybersecurity incidents underscore the need for holistic risk frameworks. Organizations must integrate digital resilience, supply-chain audits, and geopolitical threat modeling to mitigate emerging threats. For more insights, refer to The Daily Star and Moneycontrol.
