Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Vercel security incident: What the breach reveals about OAuth trust, supply chain risk, and response speed

Public reporting suggests the incident involved abuse of a third-party application that had been granted OAuth access to a Vercel employee account, enabling unauthorized access to some internal resources. Certain customer‑related tokens, environment variables, or other access artifacts may have been exposed, though Vercel has not stated that password theft was part of the initial access path.

Understanding shadow AI in your endpoint environment

Generative AI–and large language models in particular–reached mass consumer adoption beginning in late 2022 and early 2023, with ChatGPT reaching 100 million users faster than any consumer application in history. Since then, AI has advanced at a breakneck pace and now seems to be incorporated in every tool, app, and website–regardless of how useful it might actually be.

Axios npm package compromise: What happened, what matters, and how to respond

Attackers carried out a supply chain compromise by abusing a compromised npm maintainer account to publish malicious Axios versions (axios@1.14.1 and axios@0.30.4). These releases introduced an unexpected dependency, plain-crypto-js@4.2.1, which attempted platform-specific malware execution via an npm lifecycle script during installation on Windows, macOS, and Linux.
Featured Post

The UK's Cyber Action Plan marks the end of compliance-led security

The UK government's new £210 million Cyber Action Plan signals an important shift in how cyber risk is being addressed at a national level. Designed to strengthen cyber defences across government departments and the wider public sector, the plan establishes a new Cyber Unit and introduces stronger expectations around resilience, accountability and operational capability.

CVE202547813: Wing FTP Server vulnerability flagged by CISA

CVE-2025-47813 is an information disclosure vulnerability in Wing FTP Server that reveals the application's full installation path when attackers send an oversized UID cookie value. CISA added it to the Known Exploited Vulnerabilities (KEV) catalog in March 2026, indicating active exploitation in the wild.