A Vercel employee had personally signed up for the consumer Context.ai / AI Office Suite tool with no security review. After that tool was compromised via infostealer malware, attackers used a stolen OAuth token to reach the employee's Google Workspace and then pivot into Vercel's internal environment.
Attackers enumerated and decrypted environment variables and customer account data, then listed the stolen database for sale at $2 million on a cybercrime forum.
Unsanctioned AI SaaS with OAuth access to corporate identity is a supply-chain entry point — enforce app governance and mark all secrets as sensitive by default.
Guardion enforces policy on every agent action inline — with visibility, tamper-evident evidence, and DLP for agents and MCPs.
Request a demo