
Hey there! Let’s talk about what happened at Vercel recently. One employee at Vercel decided to use an AI tool, which seemed harmless at first. However, an employee at the AI vendor that provided the tool was hit with an infostealer. This unfortunate chain of events paved the way for attackers to gain unauthorized access to Vercel’s internal systems through an OAuth grant that had not been properly reviewed.
Vercel, the cloud platform known for Next.js and its popular npm downloads, confirmed that unauthorized individuals had breached their systems. Mandiant and law enforcement were brought in to investigate the incident. Fortunately, a coordinated audit with GitHub, Microsoft, npm, and Socket confirmed that no Vercel npm packages were compromised. Vercel took steps to enhance security measures, such as defaulting environment variable creation to “sensitive.”
The breach originated from Context.ai, where a Vercel employee had installed a browser extension and unwittingly granted broad OAuth permissions using their corporate Google Workspace account. This allowed the attacker to gain access to Vercel environments and escalate privileges by exploiting non-sensitive environment variables.
CEO Guillermo Rauch described the attacker as “highly sophisticated, likely accelerated by AI.” Independently, Jaime Blasco from Nudge Security uncovered another OAuth grant linked to Context.ai’s Chrome extension, further complicating the situation.
Initial Infection and Escalation
A report from Hudson Rock revealed that the breach could be traced back to a Lumma Stealer infection on a Context.ai employee’s device in February 2026. This infection led to the compromise of various credentials, including Google Workspace logins and other sensitive data. The attacker, leveraging these credentials, managed to access Vercel’s internal systems.
Context.ai acknowledged the breach in its own security bulletin, emphasizing that the impact was limited to their consumer product and not their enterprise offering. The breach exposed gaps in security measures and highlighted the importance of timely detection and response.
The timeline of events, from the initial compromise to the eventual disclosure, raised concerns about the dwell time between detection and notification. The breach underscored the need for robust security measures and proactive threat detection.
Lessons Learned
The breach at Vercel highlighted several governance failures and security vulnerabilities that organizations should address:
- Review and audit OAuth permissions granted to third-party tools
- Implement strict controls on environment variable classification
- Enhance detection capabilities for infostealer-to-supply-chain attacks
- Reduce dwell time between detection and notification
- Monitor and manage shadow AI adoption within the organization
- Accelerate response timelines to counter AI-powered attackers
Final Thoughts
As security directors, it’s crucial to stay vigilant and proactive in addressing potential security risks. The breach at Vercel serves as a stark reminder of the evolving threat landscape and the importance of robust security measures. By learning from such incidents and implementing best practices, organizations can better protect their systems and data from malicious actors.
Stay safe and secure!
