Jun 10
✨ Black Duck Signal x ContextAI
Agentic AppSec combining AI innovation with 20 years of security intelligence:
✅ Secure coding best practices
✅ Vulnerability detection
✅ OSS risk management
✅ Malicious package alerts
Learn more: bit.ly/4s1jeGS
#BlackDuck #AppSec
1
152
Apr 28
ブラウザ拡張機能をサプライチェーン攻撃ベクトルとして扱うべき時が来た
Vercel侵害事件を例に、(1)従業員がContextai拡張機能をインストール→OAuthでGoogleアカウントアクセス許可、(2)Contextai社員がRobloxチート拡張機能(実体は情報窃取マルウェア)をインストール、(3)結果としてVercelのOAuthトークンが盗まれた、という連鎖
これは絶対に解説動画撮りたい...
aikido.dev/blog/browser-exte…
8
39
4,802
A single click can have devastating consequences. Hackers exploited a vulnerability in Context.ai, then targeted a Vercel employee's work email. It highlights how tiny vulnerabilities can be exploited through sheer persistence. #GojuTechTalk #Vercel #ContextAI
1
2
58
Apr 23
Delve'nin 'lastik damga' sertifikaları 6.6 milyar dolarlık Lovable'ı da vurdu. Veri ihlali, güvenliğin bir illüzyon olduğunu gösteriyor. Kimin verisi güvende? 🚨 #Delve #ContextAI #LiteLLM #Rasyox
2
4
5
105
Apr 22
El proveedor de alojamiento en la nube popular entre los proyectos de criptomonedas, Vercel, confirmó haber sufrido una violación de seguridad que permitió a los hackers hacerse con un subconjunto limitado de credenciales de clientes. La confirmación de Vercel se produjo después de que múltiples usuarios de la red social X informaran que una publicación en el foro de hacking BreachForums, de un usuario llamado ShinyHunters, afirmaba estar ofreciendo datos de Vercel a cambio de US$2 millones.
El CEO de Vercel, Guillermo Rauch, declaró que el ataque se originó después de que un empleado de Vercel fuera comprometido a través de una violación de una herramienta de inteligencia artificial que utilizaba, llamada Contextai.
1
465
Apr 21
Vercel didn't get breached through a zero-day. It was an OAuth permission - the kind we all approve in 30 seconds without reading.
An AI tool called "ContextAI" had Google Workspace access to a Vercel employee's account - that was the door.
The attacker walked right through it, and the CEO suspects they were "significantly accelerated by AI."
We're not just building with AI anymore - we're being hunted with it.
Every third-party AI tool your team connected to Workspace, @github, or @SlackHQ in the last year is a potential version of this.
The breach isn't a @vercel problem. It's the industry's next two years.
3
76
Apr 21
This is a textbook OAuth supply-chain attack in the AI era. Tools are powerful, but permission hygiene matters more than ever.
Vercel, ContextAI, and the security community are moving fast and transparently.
Apr 20
🔥 Vercel disclosed a BREACH after an attacker used a compromised 3rd-party AI tool to take over an employee account.
Some internal systems, non-sensitive variables, and limited customer credentials were exposed.
🔗 Read → thehackernews.com/2026/04/ve…
7
10
57
13,761
Apr 21
How it happened (official attack chain):
🔸 Feb 2026: ContextAI employee’s device infected with Lumma Stealer malware.
🔸 March: Attacker accessed ContextAI’s AWS and stole OAuth tokens from their legacy “AI Office Suite” (consumer product, now deprecated).
🔸 April: One stolen token (from a Vercel employee who granted broad Google Workspace access) let the attacker pivot into Vercel’s internal systems.
They enumerated non-sensitive env vars.
1
1
8
2,480
Apr 21
Điều gì cũng có 2 mặt & AI cũng vậy. AI đã quá thông minh.
Cập nhật vụ @vercel bị hack:
- Nguyên nhân chính đến từ việc một nhân viên Vercel bị hack tài khoản Google workspace thông qua nền tảng AI bên thứ 3 là ContextAI.
- Ngắn gọn 1 chút thì ContextAI là bộ công cụ giúp tích hợp AI vào quy trình làm việc văn phòng & quản lý dữ liệu.
- Từ đây hacker đã leo thang đặc quyền từ tài khoản google để truy cập vào nội bộ vercel.
- Hacker đã sử dụng AI để quét toàn bộ dữ liệu chiếm được trong 1 khoảng thời gian rất ngắn mà ngay chính CEO của Vercel cũng phải thừa nhận rằng tốc độ của nó là quá khủng khiếp.
Apr 19
Here's my update to the broader community about the ongoing incident investigation. I want to give you the rundown of the situation directly.
A Vercel employee got compromised via the breach of an AI platform customer called Context.ai that he was using. The details are being fully investigated.
Through a series of maneuvers that escalated from our colleague’s compromised Vercel Google Workspace account, the attacker got further access to Vercel environments.
Vercel stores all customer environment variables fully encrypted at rest. We have numerous defense-in-depth mechanisms to protect core systems and customer data. We do have a capability however to designate environment variables as “non-sensitive”. Unfortunately, the attacker got further access through their enumeration.
We believe the attacking group to be highly sophisticated and, I strongly suspect, significantly accelerated by AI. They moved with surprising velocity and in-depth understanding of Vercel.
At the moment, we believe the number of customers with security impact to be quite limited. We’ve reached out with utmost priority to the ones we have concerns about. All of our focus right now is on investigation, communication to customers, enhancement of security measures, and sanitization of our environments. We’ve deployed extensive protection measures and monitoring. We’ve analyzed our supply chain, ensuring Next.js, Turbopack, and our many open source projects remain safe for our community.
The recommendation for all Vercel customers is to follow the Security Bulletin closely (vercel.com/kb/bulletin/verce…). My advice to everyone is to follow the best practices of security response: secret rotation, monitoring access to your Vercel environments and linked services, and ensuring the proper use of the sensitive env variables feature.
In response to this, and to aid in the improvement of all of our customers’ security postures, we’ve already rolled out new capabilities in the dashboard, including an overview page of environment variables, and a better user interface for sensitive env var creation and management. As always, I’m totally open to your feedback.
We’re working with elite cybersecurity firms, industry peers, and law enforcement. We’ve reached out to Context to assist in understanding the full scale of the incident, in an effort to protect other organizations and the broader internet. I also want to thank the Google Mandiant team for their active engagement and assistance.
It’s my mission to turn this attack into the most formidable security response imaginable. It’s always been a top priority for me. Vercel employs some of the most dedicated security researchers and security-minded engineers in the world. I commit to keeping you updated and rolling out extensive improvements and defenses so you, our customers and community, can have the peace of mind that Vercel always has your back.
2
81
Apr 21
なんでかっていうと、この件の本質はハッキングされたのはContextaiだけなのにそこからVercel、さらにその顧客のデータまでアクセスできたこと。
トークンがあれば通常の方法でAPIを利用し社内データにアクセスできる。一箇所からだけでもトークンが取れればあとはハックなしで芋づる式にデータアクセスできる。
7
1,252
Apr 20
📢⚠️ Vercel confirms breach linked to #ContextAI as a hacker listed alleged data for $2M. ShinyHunters denies involvement and flags impostors.
Read: hackread.com/vercel-breach-c…
#CyberSecurity #Vercel #DataBreach #ShinyHunters
3
6
1,664
Fired 30% of our team this morning.
We recently adopted a new tool, ContextAI. The productivity gains forced me to reconsider our headcount.
Bon voyage to my former employees!
3
29
2,429
Apr 20
?? What’s the point of this? Are you suggesting that if a company is (genuinely) SOC 2 audited they are unhackable?
Because SOC2 just raises the height of the wall — it’s still surmountable. And in today’s age of AI, no wall = a wall = SOC2 wall. If you are able to social engineer your way in, you’re good to go. So why this pointless banter at this point? We all know Delve did some shenanigans, that does not absolve the builders (of contextai) and the consumers (in this case Vercel) of a security loophole at their ends.
1
9
4,810
Apr 20
Vercelがサイバー攻撃されたらしい。一部ユーザのVercelアプリのenv変数で"sensitive"に設定してなかった値(パスワードや認証トークン)が盗まれた可能性。心当たりある人は認証トークン変更などした方が良さそう。原因はVercel社員がContextAIとかいうツールを使ってて、ツールにGoogleWorkspaceへのアクセス権を渡してた。攻撃者はまずContextAIに侵入。そこからVercel社員のGoogleWorkspaceのドキュメントとか見まくって、Vercel社内環境へのアクセスをゲットして侵入。そんでVercelユーザのデータをゲットしたとの事
Apr 19
Here's my update to the broader community about the ongoing incident investigation. I want to give you the rundown of the situation directly.
A Vercel employee got compromised via the breach of an AI platform customer called Context.ai that he was using. The details are being fully investigated.
Through a series of maneuvers that escalated from our colleague’s compromised Vercel Google Workspace account, the attacker got further access to Vercel environments.
Vercel stores all customer environment variables fully encrypted at rest. We have numerous defense-in-depth mechanisms to protect core systems and customer data. We do have a capability however to designate environment variables as “non-sensitive”. Unfortunately, the attacker got further access through their enumeration.
We believe the attacking group to be highly sophisticated and, I strongly suspect, significantly accelerated by AI. They moved with surprising velocity and in-depth understanding of Vercel.
At the moment, we believe the number of customers with security impact to be quite limited. We’ve reached out with utmost priority to the ones we have concerns about. All of our focus right now is on investigation, communication to customers, enhancement of security measures, and sanitization of our environments. We’ve deployed extensive protection measures and monitoring. We’ve analyzed our supply chain, ensuring Next.js, Turbopack, and our many open source projects remain safe for our community.
The recommendation for all Vercel customers is to follow the Security Bulletin closely (vercel.com/kb/bulletin/verce…). My advice to everyone is to follow the best practices of security response: secret rotation, monitoring access to your Vercel environments and linked services, and ensuring the proper use of the sensitive env variables feature.
In response to this, and to aid in the improvement of all of our customers’ security postures, we’ve already rolled out new capabilities in the dashboard, including an overview page of environment variables, and a better user interface for sensitive env var creation and management. As always, I’m totally open to your feedback.
We’re working with elite cybersecurity firms, industry peers, and law enforcement. We’ve reached out to Context to assist in understanding the full scale of the incident, in an effort to protect other organizations and the broader internet. I also want to thank the Google Mandiant team for their active engagement and assistance.
It’s my mission to turn this attack into the most formidable security response imaginable. It’s always been a top priority for me. Vercel employs some of the most dedicated security researchers and security-minded engineers in the world. I commit to keeping you updated and rolling out extensive improvements and defenses so you, our customers and community, can have the peace of mind that Vercel always has your back.
14
60
16,021
Apr 20
🔴 Vercel got hacked
A single Vercel employee’s Google Workspace account gets compromised via a third-party AI tool (ContextAI)… and suddenly attackers can escalate privileges and crawl through internal systems, even pulling “non-sensitive” env vars that weren’t encrypted.
What you should do NOW:
🔒 Rotate or change all your keys on Vercel
🔑 Enforce least privilege short-lived credentials (no broad access accounts)
🧠 Audit ALL third-party AI tools connected to your org (especially OAuth access)
🚫 Disable auto-trust integrations with Google Workspace / Slack / GitHub
🕵️ Monitor unusual privilege escalation rapid enumeration patterns
Convenience is killing security.
AI isn’t the risk — how you integrate it is.
#cybersecurity #AI #infosec #vercel
1
2
51
Apr 20
Scary timeline
Claude Mythos gets teased to the public, but too dangerous to be released publicly. Then the following exploits happen:
> Drift protocol for $285M
> Rhea protocol for $7.6
> Kelp via LayerZero for $292M splashing over to Aave
> Vercel breach via ContextAI
In less than 3 weeks
If hackers got their hands on a next-gen model, maybe we need something @claudeai
1
4
278
Just wrapped up my internship at context.ai
Huge thanks to the team for the opportunity and everything I learned. Grateful for the experience!
#ContextAI #Internship
6
299
Per TechCrunch: Littlebird raises $11M for its AI-assisted ‘recall’ tool that reads your computer screen.
#AIProductivity #StartupFunding #ContextAI 🤖💻
Source: techcrunch.com/2026/03/23/li…
1
3
46
AI context management across Claude, Cursor, Kiro, Gemini and custom agents.
Most teams using AI coding agents maintain separate context files for each tool: CLAUDE.md, .cursorrules, copilot-instructions.md, GEMINI.md, AGENTS.md, llms.txt, .kiro/steering, .windsurf/rules. Same information, different formats, constant drift.
contextai is an open-source CLI that generates all of them from one typed TypeScript config file.
contextai.run
github.com/madeburo/contexta…
#opensource #ai #contextengineering #devtools #typescript
@claudeai @cursor_ai @antigravity @GithubProjects @ThePracticalDev
3
6
263
Feb 28
Apparently such deadly conflicts brings out the worst of humanity out on this app, sharing old/out of contextAI generated content to get eye balls 🤬
This video isn't recent - It's from October 26th, 2024, per reports it depicts a fire that broke out in a building in Tel Aviv.
3
48