Vercel Breach Started With AI Tool

Vercel Breach Started With AI Tool

From Cybersecurity Today by Jim Love

April 22, 2026 · 11 min

About this episode

The episode discusses the Vercel supply-chain breach initiated by an AI tool, a lawsuit against Meta over scam ads, and the current state of ransomware incidents.

Vercel Supply-Chain Breach via AI Tool, Meta Sued Over Scam Ads, and Ransomware Surges with "The Gentleman" David Shipley covers new details on the Vercel breach, which began when an employee used the third-party AI tool Context AI; after Context AI was breached, attackers leveraged Google OAuth access to pivot into Vercel systems and enumerate unencrypted "non-sensitive" environment variables that contained usable secrets, with a hacker claiming Vercel data and source code and demanding $2M, while Vercel says Next.js and other open-source projects are safe and shares Google OAuth indicators of compromise. The episode also discusses a proposed class-action lawsuit alleging Meta misled users about scam ads and profited from them, noting Meta's claim it removed 159M scam ads and shut down nearly 11M criminal accounts. Finally, it cites ZeroFox data showing ransomware incidents holding steady at 2,059 in Q1 2026 and highlights Check Point research indicating "The Gentleman" has a much larger victim footprint and uses tactics like disabling Defender, re-enabling SMB1, abusing GPO, and targeting VMware environments. Cybersecurity Today would like to thank Meter for their support in…

People in this episode

Host: David Shipley

Topics covered

  • Vercel breach
  • AI tools
  • Meta lawsuit
  • ransomware

Keywords

  • Context AI
  • Google OAuth
  • ZeroFox
  • Check Point
  • The Gentleman

Sponsors

Meter

Mentioned in this episode

Products: Context AI, Next.js, Defender, SMB1, Google OAuth, VMware

Books & works: The Gentleman

More episodes of Cybersecurity Today

Explore listener stats, chart rankings, contacts and more on the Cybersecurity Today podcast page.