Vercel — Additional Compromised Accounts After Context.ai Breach

Colleagues, cybersecurity alert: Vercel has identified additional customer accounts compromised in an incident linked to Context.ai.
- New compromises discovered after extended analysis of indicators and logs.
- Previously compromised accounts traced, likely via social engineering or malware; affected parties notified.
- Attackers leveraged a compromised Google Workspace account to move into Vercel’s environment and decrypted certain non-sensitive variables.
- Hudson Rock links the origin to a Lumma Stealer infection on a Context.ai employee’s device.
Why it matters: underscores risks of OAuth integrations and shadow AI; requires rapid containment.
How do you prioritise protection of integrations?
#кибербезопасность #SaaS #OAuth #инциденты


Latest comments
No comments yet.