Comment by _pdp_

19 hours ago

> OAuth trust relationship cascaded into a platform-wide exposure

> The CEO publicly attributed the attacker's unusual velocity to AI

> questions about detection-to-disclosure latency in platform breaches

Typical! The main failures in my mind are:

1. A user account with far too much privileges - possible many others like them

2. No or limited 2FA or any form of ZeroTrust architecture

3. Bad cyber security hygiene

8 comments

_pdp_

Blaming AI is gonna be the security breach equivalent to blaming ddos when your website breaks isn't it.

progbits 17 hours ago

It's the new sophisticated nation state.
ekropotin 13 hours ago
The idea of blaming something you can choice not to do is quite strange.
- paulddraper 13 hours ago
  
  You can choose for attackers not to use AI?
anematode 19 hours ago
That part of his tweet made me laugh out loud. I don't understand who it's directed toward.
- BoorishBears 18 hours ago
  
  The market. Rauch is 'strategic' like that, he'd even use a moment like this sneak in a sound bite to froth the market he has so much skin in
  "Vercel CEO says AI accelerated attack on critical infrastructure"
  
  1 reply →
xienze 17 hours ago

I think there’s a lot of truth to “the AI did it” though. We’re encouraging the same people who get tricked by “attached is your invoice” emails to run agent harnesses that have control of your desktop. I think there’s gonna be a lot of AI-powered exploits in the future.