TheRegister's platform is a leading technology news website, offering insights into IT industry news, hardware reviews, and software updates. Through articles, analysis, and opinion pieces, TheRegister offers insights into cybersecurity threats, technology trends, and industry developments. Readers can stay updated with the latest news and analysis from the world of technology and IT business.

The Register

Vercel disclosed a security incident in which an attacker compromised a third-party AI tool (Context.ai) used by a Vercel employee, then leveraged stolen OAuth tokens to access Vercel's Google Workspace and internal environments. This exposed environment variables and credentials for a limited subset of customers. Context.ai had suffered an AWS breach in March, which CrowdStrike investigated but apparently missed the OAuth token compromise. The incident highlights risks of agentic AI tools with broad OAuth permissions connecting to enterprise accounts.

Next.js developer Vercel warns customer creds compromised