Vercel Cloud Platform Breached in Security Hack
▼ Summary
– The security incident stemmed from a compromised third-party AI tool’s Google Workspace OAuth application.
– This broader compromise potentially impacted hundreds of users across multiple organizations.
– The investigators have published an Indicator of Compromise (IOC) to aid the community.
– They recommend Google Workspace Administrators check for this app’s usage immediately.
– They also recommend individual Google Account owners perform the same check.
A recent security investigation has confirmed that a breach of the Vercel cloud platform stemmed from a compromised third-party AI tool. The specific vulnerability involved the tool’s Google Workspace OAuth application, which was part of a larger, widespread compromise. This broader attack vector has the potential to impact hundreds of users across numerous organizations, extending the risk beyond a single company.
To aid the wider security community in its defensive efforts, we are sharing the relevant indicator of compromise (IOC). This information is intended to help other organizations investigate and screen their own environments for any related malicious activity. We strongly urge all Google Workspace Administrators and individual Google Account owners to immediately audit their systems for any usage or authorization granted to this specific application. Proactive verification is a critical step in mitigating potential threats stemming from this incident.
(Source: The Verge)
