alt Hacker NewsOnce you have a session token, which is what you get after you complete the oauth dance, you can issue requests to the API. It is simple as that. The minted token had permission to access the victim's inbox, most likely, which the attacker leveraged to read email and obtain one-time passwords, magic links and other forms of juicy information.
Replies
kyle-rb • yesterday at 8:47 PM
I guess what's unusual is that the scope includes inbox access.
IMO it's probably a bad idea to have an LLM/agent managing your email inbox. Even if it's readonly and the LLM behaves perfectly, supply chain attacks have an especially large blast radius (even more so if it's your work email).
➕ show 1 reply
If they had SSO sign in to their admin panel (trusted device checks notwithstanding) the oauth access would be useless.
Vercel is understandably trying to shift all the blame on the third party but the fact their admin panel can be accessed with gmail/drive/whatever oauth scopes is irresponsible.