"Some are calling the recent WordPress plugin hack a supply chain attack, which is technically true, but it misses what’s most interesting. The attackers bought a legitimate plugin, pushed an update, and gained access to thousands of websites. Then instead of doing something obvious like ransomware or defacement, they injected content that only Googlebot could see. Now you’ve got legitimate websites unknowingly being used to manipulate search rankings."
What's happening: Shadow AI is an evolution of shadow IT: instead of using unapproved applications, employees use unapproved AI tools, or use approved ones outside of company guidelines. Employees may be feeding sensitive data into chatbots, automating workflows, or generating code within platforms that may not be secure, private, or completely accurate.
Why it matters: AI tools actively process and retain data, introducing risks around data leakage, compliance violations, and unintended exposure of intellectual property. AI can also provide incomplete or inaccurate information, and AI-generated code may include weak validation or flawed assumptions that introduce risk into your environment.
The big picture: Blocking ChatGPT's domain isn't the answer. Every company needs a clear AI use policy so employees know what tools are allowed, what data should never be entered, and what review is expected before use. (Keep reading below to see how shadow AI was an integral part of the Vercel breach.)
Malware-as-a-service (MaaS) further lowers the barrier to entry
What's happening: Threat actors are increasingly buying, renting, or subscribing to pre-built malware kits complete with dashboards, support, and updates. MaaS platforms allow even low-skill attackers to launch sophisticated campaigns at scale.
Why it matters: Defenders are no longer facing only skilled adversaries. The cybercrime ecosystem features professional-grade attacks from attackers with low-grade skills. The developers and sellers of these kits and subscriptions typically don't carry out attacks themselves and carry little risk of repercussions. Furthermore, decentralization makes it difficult to shut down the market for MaaS. Whenever one forum is seized, another can quickly take its place.
The big picture: Perimeter-based security is no match for such easily accessible malware. While malware-as-a-service gives attackers an advantage, Zero Trust shifts the odds back in the defenders' favor. Assume a breach and prevent malware from ever executing in the first place.
The same automation tool IT relies on is a top target for abuse
What's happening: PowerShell is a versatile and invaluable tool in most enterprise environments, but the same uses that make it so helpful are what make it so attractive to attackers. Attackers exploit PowerShell for lateral movement, data access, living-off-the-land attacks, connecting to the internet, and more.
Why it matters: Attackers prefer quiet infiltration over noisy exploits that trigger alerts. When attackers abuse a trusted tool like PowerShell, traditional defenses are less likely to notice the difference between legitimate and malicious activity. Because PowerShell is so widely used and trusted, it is a necessary tool for many teams, but leaving it unsecured is a major risk.
The big picture: PowerShell is a perfect example of how a great admin tool can become a dangerous weapon if not secured properly. Allowlisting policies that block unauthorized PowerShell scripts and commands, along with least-privilege access policies to prevent data harvesting, are a must.
Supply chain attacks are exploding
Stop lateral movement from attackers using your tools
Tuesday, May 5 | 11 a.m. EDT | CPE eligible
Attackers are targeting your trusted software because it's an efficient way to distribute malware at scale and bypass traditional security controls.
Most defenses won't stop this. Default-deny will. Join our upcoming webinar to understand the daily risk and walk away with practical strategies to stay ahead.
ThreatLocker is back in the Tested cave with Adam Savage, this time to discuss the dangers of free public Wi-Fi.
If you're at a coffee shop or on a flight and go to log onto the Wi-Fi, take a minute to reconsider. How sure are you the network you're connecting to is really the one you want? And is it worth the risk?
Vercel breach linked to AI-powered supply chain attack
Shadow AI becomes an access risk
What's happening: Vercel disclosed a compromise of Context.ai, an AI tool being used by an employee at Vercel, which led to threat actors gaining unauthorized access to certain internal Vercel systems. The attacker was able to gain access to the employee's Google Workspace account and, from there, to Vercel environments. There is currently no evidence that the attacker was able to access sensitive files, though some customer credentials were compromised. Vercel is working with Mandiant to understand the full scope of the breach.
Why it matters: The attack didn't rely on exploiting vulnerabilities. Instead, the attacker gained access through a single user granting “Allow All” permissions—turning one compromised account into broad organizational access. In this instance, an unsanctioned or loosely governed AI tool opened a new pathway for attackers.
The big picture: The breach appears to have begun when Context.ai was attacked in March and OAuth tokens were compromised. OAuth tokens with excessive permissions can act as full-access credentials, meaning one risky authorization decision can expose an entire enterprise environment.
GitHub alerts weaponized for phishing campaigns
Credential-harvesting lures sent directly to developers' inboxes
What's happening: A stealthy phishing technique has been weaponizing GitHub's notification system and bypassing MFA and other phishing defenses. Developers are the top target due to their often privileged position. Threat actors create GitHub accounts and register a malicious OAuth 2.0 application to impersonate security tools and request specific user permissions via an access token.
Why it matters: If the developer grants the permissions, the attacker gains control of the victim's GitHub account, giving them access to private repositories and the ability to inject backdoor code and manipulate pipeline configurations.
The big picture: This attack chains together GitHub’s own features—trusted email notifications, OAuth authorization flows, and editable issues—to deliver the lure, evade detection, and secure access without ever needing to steal credentials. Because the email comes directly from GitHub, it is more likely to bypass spam filters and be trusted by even the sharpest developers.
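Both the Vercel item and the GitHub item above come down to an OAuth grant that carried more access than it should have. The following is an added example, not code from ThreatLocker, Vercel or GitHub: a defender-side audit that flags unsanctioned apps and over-broad scopes in an exported list of grants. The record layout, the allowlist and the sample grants are constructed assumptions; the scope strings are real Google and GitHub scope names.

```python
# Added example: audit OAuth grants for unsanctioned apps and over-broad scopes.
# The record layout, allowlist and sample grants are constructed for illustration.

# Real Google and GitHub scope names; treating them as "broad" is this example's policy choice.
BROAD_SCOPES = {
    "https://mail.google.com/": "full Gmail access",
    "https://www.googleapis.com/auth/drive": "all Drive files",
    "repo": "read/write access to private repositories",
    "workflow": "can modify GitHub Actions workflow files",
    "admin:org": "full control of the GitHub organization",
}

SANCTIONED_CLIENTS = {"sso-portal.example"}  # hypothetical approved-app allowlist

GRANTS = [  # constructed sample data
    {"user": "dev1@example.com", "client_id": "sso-portal.example",
     "scopes": ["openid", "email"]},
    {"user": "dev1@example.com", "client_id": "ai-notes.example",
     "scopes": ["https://mail.google.com/", "https://www.googleapis.com/auth/drive"]},
    {"user": "dev2@example.com", "client_id": "sec-scan.example",
     "scopes": ["repo", "workflow", "read:user"]},
    {"user": "dev3@example.com", "client_id": "cal-sync.example",
     "scopes": ["https://www.googleapis.com/auth/calendar.readonly"]},
]

RANK = {"high": 0, "medium": 1, "low": 2}


def audit_grants(grants, sanctioned=SANCTIONED_CLIENTS, broad=BROAD_SCOPES):
    """Return findings sorted by severity:
    high   = unsanctioned app holding a broad scope
    medium = sanctioned app holding a broad scope (review the need)
    low    = unsanctioned app with narrow scopes only
    """
    findings = []
    for g in grants:
        risky = sorted(s for s in g["scopes"] if s in broad)
        unsanctioned = g["client_id"] not in sanctioned
        if not (risky or unsanctioned):
            continue
        severity = "high" if risky and unsanctioned else "medium" if risky else "low"
        findings.append({"user": g["user"], "client_id": g["client_id"],
                         "severity": severity, "broad_scopes": risky})
    return sorted(findings, key=lambda f: RANK[f["severity"]])


if __name__ == "__main__":
    for f in audit_grants(GRANTS):
        print(f["severity"], f["user"], f["client_id"], f["broad_scopes"])
```

In practice the grant list would come from the identity provider's or code host's own export of authorized applications, normalized into this shape.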
ThreatLocker, 1901 Summit Tower Blvd, Orlando, Florida 32810, United States