Your team’s OAuth integrations just became a supply chain liability. Vercel disclosed this weekend that attackers reached customer API keys, source code, and database data, starting with one employee who downloaded a consumer app built by Context AI and connected it to their corporate Google account.

The attack chain ran through Context AI’s Office Suite app, which hackers compromised in March. OAuth tokens collected during that breach let attackers pivot into the Vercel employee’s Google account, then deeper into Vercel’s internal systems, where customer credentials sat unencrypted. CEO Guillermo Rauch posted to X telling customers to rotate any keys and credentials marked “non-sensitive” in their deployments.

The blast radius is still expanding. Vercel says the breach may affect “hundreds of users across many organizations.”

Context AI, which builds evaluation and analytics tooling for AI models, had notified just one customer after first discovering its breach in March. It now acknowledges the incident is “likely broader than first thought.” Vercel is still seeking answers from Context AI about what happened and why the disclosure was so narrow.

A group claiming to represent ShinyHunters listed stolen Vercel data for sale on a cybercriminal forum. ShinyHunters told Bleeping Computer they weren’t involved. No ransom demand has reached Vercel.

Monday morning: pull up every OAuth app your team has authorized against your Google Workspace, GitHub, and Slack accounts. Any app touching production environment variables is a supply chain risk now. Revoke what your team can’t name on the spot.
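One way to run the Google Workspace half of that sweep, as an added example that is not part of the original post: triage the token list the Admin SDK Directory API returns for each user (`tokens.list`), skip the OAuth client IDs the team can name, and put every other grant on a revoke list with mail, Drive and admin scopes at the top. The record shape, the client IDs and the sample grants below are assumptions constructed for the example.

```python
"""Triage Google Workspace OAuth grants exported from the Directory API.

Assumption: each item has the fields tokens.list returns (userKey, clientId,
displayText, scopes). SAMPLE_TOKENS is constructed, not real export data.
"""
import json
from dataclasses import dataclass

# Scopes that reach mail, files or admin settings. An unknown app holding one
# of these is the kind of grant that turned one consumer app into a corporate
# foothold in the Vercel incident.
HIGH_RISK_SCOPE_PREFIXES = (
    "https://mail.google.com/",
    "https://www.googleapis.com/auth/gmail",
    "https://www.googleapis.com/auth/drive",
    "https://www.googleapis.com/auth/admin.directory",
)

# Apps the team can name on the spot, keyed by OAuth client ID (constructed).
KNOWN_CLIENT_IDS = {"1111-sso.apps.googleusercontent.com": "Company SSO"}

SAMPLE_TOKENS = json.dumps({"items": [
    {"userKey": "alice@example.com", "clientId": "1111-sso.apps.googleusercontent.com",
     "displayText": "Company SSO", "scopes": ["openid", "email"]},
    {"userKey": "bob@example.com", "clientId": "9999-suite.apps.googleusercontent.com",
     "displayText": "Office Suite", "scopes": ["https://www.googleapis.com/auth/gmail.readonly",
                                               "https://www.googleapis.com/auth/drive"]},
    {"userKey": "bob@example.com", "clientId": "5555-cal.apps.googleusercontent.com",
     "displayText": "Calendar widget", "scopes": ["https://www.googleapis.com/auth/calendar.readonly"]},
]})


@dataclass
class Finding:
    user: str
    client_id: str
    app: str
    risky_scopes: list
    priority: str  # "high" when a high-risk scope is granted, else "low"


def triage(token_list_json: str, known=KNOWN_CLIENT_IDS) -> list:
    """Return unknown grants, highest-risk first. Known client IDs are skipped."""
    findings = []
    for t in json.loads(token_list_json).get("items", []):
        if t["clientId"] in known:
            continue  # the team can name it; leave the grant alone
        risky = [s for s in t.get("scopes", []) if s.startswith(HIGH_RISK_SCOPE_PREFIXES)]
        findings.append(Finding(t["userKey"], t["clientId"], t.get("displayText", "?"),
                                risky, "high" if risky else "low"))
    findings.sort(key=lambda f: f.priority != "high")  # stable: high-risk grants first
    return findings
```

Each finding maps to one `tokens.delete` call for that user and client ID; run the same allowlist idea against the GitHub and Slack app inventories before Monday is over.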

— Nathan Zakhary