Cloud Platform Vercel Confirmed Data Breach via Supply Chain Attack
Cloud platform Vercel confirmed a data breach after a supply chain attack on a third-party AI tool, Context.ai. Threat actors used stolen OAuth tokens to access internal systems. Enterprises are advised to revoke the Context.ai OAuth app and restrict broad third-party permission grants.
Cloud infrastructure provider Vercel recently disclosed a security breach stemming from a supply-chain attack. The incident exposed “non-sensitive” environment variables for a “limited subset of customers.” The disclosure comes following claims from a threat actor group claiming affiliation with ‘ShinyHunters’ group - a group known for targeting cloud platforms and third-party integrations. The group attempted to sell alleged Vercel databases, accessing keys, source codes, and employee accounts for USD 2 (PHP 144) million on a hacking forum.
PSA Intelligence Security Analyst Team Inside
The PSA Intelligence team of security and risk analysts monitor thousands of intelligence sources across the Philippines and broader APAC region daily. PSA Intelligence supplies well-known international corporate security operations centers and enterprise risk management teams the reports and data required for their operations.
Contact us to for access to our regular risk management reports and data-feeds. Be sure to talk to us about our analyst vetted, reliable data feeds for your AI driven risk management systems too. We have 20+ years of back-data and keep the data acquisition pipelines running so you don't have to.
PSA Intelligence: Regional Reporting Capabilities
Our fast-paced intelligence pipeline is driven by a dedicated team of Manila-based security analysts that monitor the Philippine landscape every day. We bring together on-the-ground local insight with large scale data monitoring and cut through the noise to deliver the concise, actionable intelligence that our clients rely on to navigate their risks.
Regular Briefs & Industry Monitors
We provide a weekly digest of key political, economic, and security developments and analysis of their short and long-term impact on the local and regional business environment. Our Industry Monitors deliver regular summaries of key developments in manufacturing, energy, mining, and tourism.
Our Cyber Risks Briefs detail emerging cyberthreats, digital security vulnerabilities, and regulatory shifts, while our Economic Briefs provide macroeconomic snapshots covering inflation, trade markers, and fiscal policy. We also publish Health Risks Briefs tracking local disease statistics and healthcare capacities.
Targeted Crime & Kidnapping Reports
Our teams produce continuous updates and analysis on developing crime and safety trends targeting corporates and staff, ranging from opportunistic petty crime to syndicated criminal activity. This includes deep dives on known modus operandi, suspect profiles, and sociopolitical environments.
Additionally, we monitor Kidnapping Related Incidents in the Philippines, tracking publicly-known abduction cases, motives, victim profiles, and the broader regional developments that influence these threat vectors.
Insurgency, Terrorism, and Civil Unrest
We conduct ongoing analysis of activities of Communist insurgents in the Philippines, including their estimated operational capabilities, regional hotspots, and the progress of government peace processes.
Our coverage extends to Islamist Insurgency and Terrorism in Mindanao, assessing activities not limited to terrorism-related motivations but also criminal, personal, and cultural factors. We provide continuous assessments of political stability, strikes, protests, and broader civil unrest dynamics affecting operational continuity.
Ask an Analyst
Do you have a question regarding this report that you would like to ask our team of security and risk analysts? Ask here.
Query Sent
Thank you. Our intelligence team will respond to your query shortly.