AI-assisted intruders pwned Vercel via OAuth abuse and a pilfered employee account
Summary
Vercel's recent security breach is suspected by its CEO to have involved AI assistance, due to the attackers' "surprising velocity" and in-depth knowledge of the company's infrastructure. The breach was executed via OAuth abuse and the compromise of an employee account, with stolen data reportedly being offered for sale at $2 million.
IFF Assessment
The use of AI to enhance the speed and effectiveness of attacks, combined with account compromise, represents a significant threat to defenders.
Defender Context
This incident highlights the growing concern of AI being weaponized to accelerate and improve the sophistication of cyberattacks. Defenders should be prepared for faster, more targeted attacks that may exploit supply chain vulnerabilities like OAuth configurations, and focus on strengthening employee account security and multi-factor authentication.