Roblox Cheat Malware and OAuth Abuse Led to Vercel Platform Compromise via AI Tool Provider
Published 2026-04-21AI Regulation and GovernanceHigh⭐ Timeline Candidate
Summary
A Trend Micro report details a multi-stage supply chain attack that compromised Vercel's platform beginning in February 2026. An employee at Context.ai, a company providing OAuth-integrated AI office tools for enterprise customers, downloaded a Roblox cheat bundled with Lumma Stealer malware. The infostealer harvested session cookies and credentials, giving the attacker access to Context.ai's internal systems. In March 2026, the attacker pivoted from Context.ai's compromised infrastructure into
Alignment: Reinforces current position
Related Positions: ai-governance-and-risk.md, ai-assisted-development-tooling.md, enterprise-ai-delivery.md
supply-chain-attackoauth-securityai-tool-governanceenterprise-securityvercel-compromiseinfostealer-malwarethird-party-riskai-saas-securitycredential-theftzero-trust