VERCEL هجوم يغيّر قواعد اللعبة الذكاء الاصطناعي لم يعد مجرد أداة بناء — بل أصبح

1 2 19
calendar_todayschedule1 min read
  1. The Attack Chain — Step by Step

A Context.ai employee was infected with Lumma Stealer back in February 2026 because he was searching for cracked Roblox scripts online.
The stealer harvested his Google Workspace credentials, along with Supabase, Datadog, and Authkit keys.
(Source: Help Net Security)

One Vercel employee was using Context.ai with his Enterprise account and had granted it “Allow All” permissions on Google Drive.
The attacker used the stolen OAuth token to access that employee’s Workspace account and pivoted directly into Vercel’s internal infrastructure.
(Source: OX Security)


  1. What Was Stolen?

The attacker exfiltrated:

  • API keys
  • GitHub tokens
  • NPM tokens
  • Internal tool logs for 580 employees

According to Vercel’s CEO, the intruder moved with unusual speed, strongly suggesting the use of AI‑accelerated reconnaissance.
(Source: Strobes)


  1. Who’s Behind It?

The group claiming responsibility: ShinyHunters — the same threat actors behind breaches at:

  • Ticketmaster
  • Santander
  • Rockstar
  • AT&T

They listed the stolen Vercel data for $2 million on BreachForums.
(Source: Strobes)


  1. The Most Dangerous Lesson

The breach was not discovered by Vercel’s security team.
It was discovered only because the attacker chose to sell the data publicly.

The time gap between initial access and detection is the most alarming part of the incident.


  1. Suggested Sections for Your Full Post
  • The Complete Hacking Series: 6 Steps — From a Roblox Script to a $2M Breach
  • Shocking Stats: 580 Employees, $2 Million, One OAuth Token
  • All Leaked Data in a Clear Grid
  • Who Are ShinyHunters? Their Criminal Track Record
  • The Most Dangerous Lesson: Detection Came From the Attacker, Not the Defenders

GitHub release
GitHub stars
GitHub forks
GitHub issues
License
Platform

3 Comments

1 vote
1
0
🔥 Join developers growing publicly
Share your knowledge, build in public, and grow your developer presence with a global community.

More Posts

How Much Does a Custom Website Cost in 2026? Pricing Guide

Built2Win - Jul 2

Custom Website vs Template: Which Is Better for SEO & Speed?

Built2Win - Jun 25

How Long Does It Take to Build a Custom Website? 2026 Timeline

Built2Win - Jun 29

Strict Comparison in PHP Explained at the Zend Engine Level

István Döbrentei - Jan 9

Supply Chain Security in PHP Projects

István Döbrentei - Dec 26, 2025
chevron_left
4.1k Points22 Badges
The UAEnike49424.live
21Posts
32Comments
40Connections
The Vulnerability Hunter Warrior

Cybersecurity Researcher

Specialized in Zero-Day Discovery,
Threat Intelligence & Automated Defense Systems

Related Jobs

View all jobs →

Commenters (This Week)

2 comments
1 comment

Contribute meaningful comments to climb the leaderboard and earn badges!