In this episode of BHIS Presents: AI Security Ops, the team breaks down the Vercel breach — a real-world incident that shows just how fragile modern security has become in the age of AI integrations and SaaS sprawl.

What started as a simple Roblox cheat script downloaded on a work laptop quickly escalated into a multi-hop compromise involving OAuth permissions, an AI productivity tool, and access into Vercel’s internal systems.

This wasn’t a zero-day or advanced nation-state exploit. It was a chain of everyday decisions: installing software, clicking “Allow,” and trusting third-party integrations.

The result? Allegedly $2M worth of data listed for sale, including API keys, internal data, and employee records — all from a breach path that most organizations aren’t even monitoring.

We dig into:
• What Vercel is and why it’s such a high-value target
• How environment variables become the “keys to the kingdom”
• The full attack chain: Roblox malware → Context.ai → Vercel
• What infostealers like Lumma actually do (and how cheap they are)
• How OAuth permissions become persistent backdoors
• Why AI productivity tools introduce hidden risk
• The rise of “shadow AI” inside organizations
• How supply chain attacks continue to scale across ecosystems
• The role of AI in accelerating attacker speed and capability
• Why this type of breach is becoming the new normal

This episode highlights a critical shift in cybersecurity: you don’t have to get hacked directly anymore — attackers just need to compromise something you’ve already trusted.

⸻

📚 Key Concepts & Topics

Attack Chain & Initial Access
• Lumma infostealer and malware-as-a-service
• Credential theft: passwords, cookies, OAuth tokens
• Low-cost, high-impact compromise paths

OAuth & Identity Risk
• “Allow All” permissions and persistent access
• OAuth tokens as long-lived entry points
• Lack of visibility into third-party integrations

AI Security Risks
• Shadow AI and unsanctioned tool adoption
• Deep integrations with Google Workspace and SaaS
• AI tools as new supply chain attack surfaces

Supply Chain Attacks
• Multi-hop compromise paths across vendors
• Real-world parallels (Trivy, LiteLLM)
• Interconnected ecosystems increasing blast radius

Threat Landscape Evolution
• AI accelerating attacker speed and scale
• Lower barrier to entry for complex attacks
• Criminal groups operating as decentralized “businesses”

Defensive Strategy
• Auditing OAuth integrations and permissions
• Enforcing least privilege across SaaS tools
• Segmenting sensitive data and reducing blast radius
• Avoiding risky behavior on corporate devices

⏱️ Chapters

• (00:00) - Intro & Breach Overview
• (00:21) - Sponsors & Show Setup
• (01:29) - What Vercel Is & Why It Matters
• (02:31) - Initial Compromise: Roblox Script & Infostealer
• (05:03) - OAuth Permissions & Pivot into Vercel
• (08:04) - AI Tools, Over-Permissioning & Supply Chain Risk
• (09:53) - AI Acceleration of Attacks & Ecosystem Impact
• (13:34) - Threat Actors, Attribution & Key Takeaways

Black Hills Information Security

https://www.blackhillsinfosec.com

Antisyphon Training

https://www.antisyphontraining.com/

Active Countermeasures

https://www.activecountermeasures.com

Wild West Hackin Fest

https://wildwesthackinfest.com

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits
https://poweredbybhis.com

Click here to view the episode transcript.