There you have it! Vercel — the platform running a chunk of the modern internet — got breached th…
April 20, 2026 · 0 likes · 0 comments
Cybersecurity Workforce
There you have it! Vercel — the platform running a chunk of the modern internet — got breached through an AI tool nobody asked about in the risk review.
The attacker did not touch Vercel's firewall. They did not crack Vercel's VPN. They went through Context.ai — a third-party AI analytics vendor — then pivoted straight into a Vercel employee's Google Workspace, then into Vercel's internal systems and environment variables.
$2 million in data now allegedly up for sale.
Let that sink in.
One OAuth consent screen. One "Sign in with Google." One AI integration your team approved without a security review.
That is the entire kill chain.
Now read the next sentence carefully.
I have been screaming about this exact failure mode for years. The perimeter is not your firewall. It never was. The perimeter is the identity graph — and every AI tool you granted OAuth access to is now sitting inside it.
It means every "Log in with Google" button on an AI SaaS tool is a production credential for your environment.
It means the blast radius of a single compromised AI vendor is your source code, your customer data, and your secrets.
It means the supply chain is no longer software packages. The supply chain is IDENTITY.
Read that again.
Most companies still treat AI integrations like Chrome extensions. Click. Approve. Forget.
Meanwhile the attacker is already three hops deep. Context.ai → employee Workspace → Vercel internals → environment variables. Not a zero-day. Not a firewall bypass. A CONSENT SCREEN.
Zero trust is not a slide. It is a posture. Every AI tool an employee signs into with corporate SSO is a production identity. Every OAuth scope is a permission. Every token is a credential that never expires unless you force it to.
So here is your homework for this week.
Pull every OAuth grant on your Google Workspace and Microsoft 365. Revoke anything that is not explicitly approved. Rotate secrets on every environment an AI tool touched. Kill standing access. Rotate on use. Monitor consent events like you monitor logins. Assume breach on every AI vendor whose pentest you have not personally read.
You will not like what you find.
You cannot win a cyber war while your identity perimeter is leased out by the browser extension of the month.
You are either running an identity-first security program, or you are a line item in someone's $2 million data sale.
No middle outcome.
I write about exactly this collision — AI speed, identity sprawl, consent-screen supply chains — in my book, "Replacement," out end of July. How America either rebuilds its security posture for the AI era, or gets replaced by adversaries who already have.
A DISGRACE.
What are your thoughts?
The attacker did not touch Vercel's firewall. They did not crack Vercel's VPN. They went through Context.ai — a third-party AI analytics vendor — then pivoted straight into a Vercel employee's Google Workspace, then into Vercel's internal systems and environment variables.
$2 million in data now allegedly up for sale.
Let that sink in.
One OAuth consent screen. One "Sign in with Google." One AI integration your team approved without a security review.
That is the entire kill chain.
Now read the next sentence carefully.
I have been screaming about this exact failure mode for years. The perimeter is not your firewall. It never was. The perimeter is the identity graph — and every AI tool you granted OAuth access to is now sitting inside it.
It means every "Log in with Google" button on an AI SaaS tool is a production credential for your environment.
It means the blast radius of a single compromised AI vendor is your source code, your customer data, and your secrets.
It means the supply chain is no longer software packages. The supply chain is IDENTITY.
Read that again.
Most companies still treat AI integrations like Chrome extensions. Click. Approve. Forget.
Meanwhile the attacker is already three hops deep. Context.ai → employee Workspace → Vercel internals → environment variables. Not a zero-day. Not a firewall bypass. A CONSENT SCREEN.
Zero trust is not a slide. It is a posture. Every AI tool an employee signs into with corporate SSO is a production identity. Every OAuth scope is a permission. Every token is a credential that never expires unless you force it to.
So here is your homework for this week.
Pull every OAuth grant on your Google Workspace and Microsoft 365. Revoke anything that is not explicitly approved. Rotate secrets on every environment an AI tool touched. Kill standing access. Rotate on use. Monitor consent events like you monitor logins. Assume breach on every AI vendor whose pentest you have not personally read.
You will not like what you find.
You cannot win a cyber war while your identity perimeter is leased out by the browser extension of the month.
You are either running an identity-first security program, or you are a line item in someone's $2 million data sale.
No middle outcome.
I write about exactly this collision — AI speed, identity sprawl, consent-screen supply chains — in my book, "Replacement," out end of July. How America either rebuilds its security posture for the AI era, or gets replaced by adversaries who already have.
A DISGRACE.
What are your thoughts?