_pdp_ 11 hours ago

> OAuth trust relationship cascaded into a platform-wide exposure

> The CEO publicly attributed the attacker's unusual velocity to AI

> questions about detection-to-disclosure latency in platform breaches

Typical! The main failures in my mind are:

1. A user account with far too many privileges - possibly many others like them

2. No or limited 2FA or any form of ZeroTrust architecture

3. Bad cyber security hygiene

JauntyHatAngle 10 hours ago | parent [-]

Blaming AI is gonna be the security breach equivalent to blaming DDoS when your website breaks, isn't it?

progbits 8 hours ago | parent | next [-]

It's the new sophisticated nation state.

ekropotin 4 hours ago | parent | prev | next [-]

The idea of blaming something you can choose not to do is quite strange.

paulddraper 4 hours ago | parent [-]

You can choose for attackers not to use AI?

anematode 10 hours ago | parent | prev | next [-]

That part of his tweet made me laugh out loud. I don't understand who it's directed toward.

BoorishBears 10 hours ago | parent [-]

The market. Rauch is 'strategic' like that, he'd even use a moment like this to sneak in a sound bite to froth the market he has so much skin in.

"Vercel CEO says AI accelerated attack on critical infrastructure"

anematode 8 hours ago | parent [-]

sigh Right.

Ironically, if the timeline is true that the attackers had been inside for months, the AIs they had access to are substantially weaker than today's frontier models. How much faster would they have achieved their goals with GLM 5.1?

xienze 8 hours ago | parent | prev [-]

I think there’s a lot of truth to “the AI did it” though. We’re encouraging the same people who get tricked by “attached is your invoice” emails to run agent harnesses that have control of your desktop. I think there’s gonna be a lot of AI-powered exploits in the future.