Vercel’s security breach started with malware disguised as Roblox cheats

Vercel reported that an attacker, after Lumma Stealer infected a Context.ai employee, leveraged stolen OAuth tokens to take over a Vercel employee's Google Workspace and access some Vercel environments and environment variables; limited customers were impacted, indicators were published and a group claiming to be ShinyHunters is attempting to sell the stolen credentials, source code and databases while investigations continue.