Cybercrime Has Entered the Physical Supply Chain

This report summarizes three interconnected threat stories: a Vercel incident where a third‑party AI vendor was compromised (via Luma Stealer) enabling OAuth/credential theft and downstream supply‑chain impact; Vect ransomware whose implementation flaws can permanently destroy data and act as a wiper; and FBI warnings about cyber‑enabled cargo theft using social engineering, fake sites, and RMM tools to steal physical shipments — underscoring the need to secure third‑party access, test backups, monitor remote access tools, and train staff.