Threat actor group TeamPCP compromised LiteLLM, an open-source Python AI proxy library widely used in AI/ML pipelines, in a supply chain attack (T1195.001, CWE-494) that propagated downstream to Mercor’s production AI environment, resulting in Meta suspending active projects with Mercor. No CVE has been assigned and the specific compromised version range has not been confirmed from primary sources. Organizations consuming LiteLLM via PyPI or GitHub should immediately inventory all deployments, verify installed version integrity against official checksums, rotate all LLM provider API keys accessible to LiteLLM processes, and enforce package hash verification in CI/CD pipelines.
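One way to enforce the package hash verification recommended above is a CI gate that rejects any requirements file entry pip could not check against a digest. This is an added example, not code from LiteLLM or any vendor; the sample file contents, the `example-*` package names, the version numbers and the all-zero digest are constructed placeholders.

```python
import re
import sys

# Pinned requirement: name, optional extras, "==", exact version (no wildcard).
PIN = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]*(\[[^\]]*\])?\s*==\s*[^\s;*]+(?=\s|;|$)")
HASH = re.compile(r"--hash=sha256:[0-9a-f]{64}\b")

def logical_lines(text):
    """Join backslash continuations; drop comments and blank lines."""
    buf = ""
    for raw in text.splitlines():
        line = re.sub(r"(^|\s)#.*$", "", raw).rstrip()
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        buf += line
        if buf.strip():
            yield buf.strip()
        buf = ""
    if buf.strip():
        yield buf.strip()

def unverifiable(text):
    """Return (requirement, reason) for each entry that cannot be hash-checked."""
    findings = []
    for line in logical_lines(text):
        if line.startswith("-"):  # global options such as --index-url
            continue
        spec = line.split(" --hash=")[0].strip()
        if not PIN.match(spec):
            findings.append((spec, "not pinned with =="))
        elif not HASH.search(line):
            findings.append((spec, "no sha256 hash"))
    return findings

# Constructed sample: versions, example-* names and the digest are placeholders.
FAKE_DIGEST = "0" * 64
SAMPLE = "\n".join([
    "# constructed requirements.txt",
    "litellm==0.0.0 \\",
    f"    --hash=sha256:{FAKE_DIGEST}",
    "example-unpinned>=1.0",
    "example-nohash==0.0.0",
])

if __name__ == "__main__":
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    problems = unverifiable(text)
    for spec, reason in problems:
        print(f"FAIL {spec}: {reason}")
    sys.exit(1 if problems else 0)
```

Run it against the real requirements file before the install step, then install with `pip install --require-hashes -r requirements.txt` so pip itself refuses any artifact whose digest does not match.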