> OAuth trust relationship cascaded into a platform-wide exposure
> The CEO publicly attributed the attacker's unusual velocity to AI
> questions about detection-to-disclosure latency in platform breaches
Typical! The main failures in my mind are:
1. A user account with far too much privileges - possible many others like them
2. No or limited 2FA or any form of ZeroTrust architecture
3. Bad cyber security hygiene
Blaming AI is gonna be the security breach equivalent to blaming ddos when your website breaks isn't it.
It's the new sophisticated nation state.
The idea of blaming something you can choice not to do is quite strange.
You can choose for attackers not to use AI?
That part of his tweet made me laugh out loud. I don't understand who it's directed toward.
The market. Rauch is 'strategic' like that, he'd even use a moment like this sneak in a sound bite to froth the market he has so much skin in
"Vercel CEO says AI accelerated attack on critical infrastructure"
sigh Right.
Ironically, if the timeline is true that the attackers had been inside for months, the AIs they had access to are substantially weaker than today's frontier models. How much faster would they have achieved their goals with GLM 5.1?
I think there’s a lot of truth to “the AI did it” though. We’re encouraging the same people who get tricked by “attached is your invoice” emails to run agent harnesses that have control of your desktop. I think there’s gonna be a lot of AI-powered exploits in the future.