The Hacker News

Toxic Combinations: When Cross-App Permissions Stack into Risk

Toxic combinations form when AI agents, integrations, or OAuth grants bridge SaaS apps into trust relationships no single ...

Vercel breach exposes the OAuth gap most security teams cannot detect, scope or contain

A Vercel employee's AI tool OAuth grant gave attackers access to internal systems via a four-hop kill chain. Here's what ...
InfoWorld

Hackers exploit Vercel’s trust in AI integration

Compromised Context.ai integration let attackers inherit Vercel employee access and reach internal systems, exposing a ...
Dark Reading

Vercel Employee's AI Tool Access Led to Data Breach

Stolen OAuth tokens, which are at the root of these breaches, "are the new attack surface, the new lateral movement," a ...
The Hacker News

Vercel Finds More Compromised Accounts in Context.ai-Linked Breach

Vercel uncovered additional compromised accounts after expanding its probe into a Context.ai-linked breach, exposing OAuth ...
heise online

Twenty 2.0: The open-source CRM follows up

With version 2.0.0, the open-source CRM Twenty receives a comprehensive update. The release focuses on AI integration, ...

The Vercel Breach Wasn’t Just a Hack. It Was a Trust Failure

Modern apps make building easier than ever, but without strong security practices, one small mistake can expose your entire ...

AI rules instead of black box: Deterministic control of AI agents

The new version of Agent Fabric brings cross-vendor control and deterministic process specifications to multi-agent workflows ...
FinanceFeeds

Vercel Security Incident: Supply Chain and OAuth Vulnerabilities

Vercel, the cloud frontend platform, disclosed a significant security breach on April 19, 2026, which originated from a ...