
Vercel Was Breached. The Attack Started With an AI Tool.
One Employee's AI Integration Was the Door Into the Entire Platform.
Vercel disclosed a security incident originating with a compromise of Context.ai, a third-party AI tool used by one of its employees. The attacker used that access to take over the employee's Google Workspace account, which in turn gave the attacker access to Vercel's internal systems and to environment variables storing API keys, secrets, and deployment configurations for thousands of customer applications.
An AI tool was the attack vector. Not a phishing email. Not a brute-force attack. A third-party AI product that one employee had connected to their workflow became the door the attacker walked through into one of the world's most widely used developer infrastructure platforms.
This is what a supply chain attack through AI tools looks like. Every AI integration your employees use is a potential entry point. Every third-party AI product connected to a work account has access to something. Most organizations have no idea what tools their people are using or what those tools can access. Nobody at Vercel was watching Context.ai. The attacker was.
This is not an edge case. This is the attack pattern that scales. The more AI tools your employees adopt, the wider your attack surface becomes. And the oversight structures most organizations have were not built for this.
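One way to close the inventory gap described above, as an added example that is not from the original post: it assumes employees connect such tools to Google Workspace through OAuth grants (the post does not say how Context.ai was connected) and that the grants have been exported in the shape of the Admin SDK Directory API tokens resource. The sample records, client IDs and the sanctioned-app allowlist are constructed.

```python
from collections import defaultdict

# Scopes that only identify the user; a grant limited to these exposes no data.
IDENTITY_SCOPES = {
    "openid", "email", "profile",
    "https://www.googleapis.com/auth/userinfo.email",
    "https://www.googleapis.com/auth/userinfo.profile",
}
# (scope prefix, data class exposed). Anything else non-identity is "other".
SENSITIVE = [
    ("https://mail.google.com/", "mailbox"),
    ("https://www.googleapis.com/auth/gmail.", "mailbox"),
    ("https://www.googleapis.com/auth/drive", "drive"),
    ("https://www.googleapis.com/auth/admin.", "admin"),
    ("https://www.googleapis.com/auth/cloud-platform", "cloud"),
]

def exposure(scope):
    """Return the data class a scope exposes, or None for identity-only scopes."""
    if scope in IDENTITY_SCOPES:
        return None
    return next((d for p, d in SENSITIVE if scope.startswith(p)), "other")

def audit(tokens, sanctioned_client_ids):
    """Group unsanctioned grants by app; list who granted them and what they expose."""
    apps = defaultdict(lambda: {"name": "", "users": set(), "exposes": set()})
    for t in tokens:
        if t["clientId"] in sanctioned_client_ids:
            continue
        exposed = {e for e in map(exposure, t.get("scopes", [])) if e}
        if exposed:
            app = apps[t["clientId"]]
            app["name"] = t.get("displayText", "")
            app["users"].add(t["userKey"])
            app["exposes"] |= exposed
    findings = [{"clientId": c, "name": a["name"], "users": sorted(a["users"]),
                 "exposes": sorted(a["exposes"])} for c, a in apps.items()]
    # Widest data exposure first, then most users.
    return sorted(findings, key=lambda f: (-len(f["exposes"]), -len(f["users"]), f["clientId"]))

G = "https://www.googleapis.com/auth/"
SAMPLE_TOKENS = [  # constructed records, not real grants
    {"userKey": "u1", "clientId": "111.apps.example", "displayText": "Example AI Notes",
     "scopes": ["openid", G + "drive", G + "gmail.readonly"]},
    {"userKey": "u2", "clientId": "111.apps.example", "displayText": "Example AI Notes",
     "scopes": [G + "drive.readonly"]},
    {"userKey": "u1", "clientId": "222.apps.example", "displayText": "Example Sign-In Only",
     "scopes": ["openid", "email"]},
    {"userKey": "u3", "clientId": "333.apps.example", "displayText": "Sanctioned Admin Tool",
     "scopes": [G + "admin.directory.user"]},
    {"userKey": "u2", "clientId": "444.apps.example", "displayText": "Example Scheduler",
     "scopes": [G + "calendar"]},
]
SANCTIONED = {"333.apps.example"}  # hypothetical allowlist of reviewed apps
```

Each finding is an unreviewed app holding data access on behalf of named users, which is the list to review, restrict or revoke first.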