According to a recent LinkedIn post from Token Security, the company is drawing attention to recent security incidents at Vercel and McKinsey that it suggests were mischaracterized as “AI hacks.” The post instead frames these events as compromises of non-human identities, specifically OAuth tokens and associated access paths into corporate systems.
Claim 55% Off TipRanks
- Unlock hedge fund-level data and powerful investing tools for smarter, sharper decisions
- Discover top-performing stock ideas and upgrade to a portfolio of market leaders with Smart Investor Picks
The LinkedIn post highlights a described attack chain in which an employee-installed AI agent allegedly obtained broad Google Workspace OAuth permissions, was then breached, and enabled an attacker to access internal resources via Google SSO. The post points readers to research by a Token Security researcher, signaling an internal focus on identity-centric and SaaS/OAuth security analysis.
For investors, this emphasis may indicate Token Security is positioning its expertise around securing non-human identities and third-party integrations, an area of growing concern as enterprises adopt AI agents and cloud services. If this research gains traction, it could enhance the firm’s credibility with security-conscious customers and potentially support demand for products or services addressing identity and access risks.
The post also implicitly critiques broader industry narratives that attribute such incidents to AI generally, suggesting an opportunity for Token Security to differentiate through technical clarity and thought leadership. This positioning could strengthen the company’s standing within the cybersecurity ecosystem, particularly among buyers seeking specialized protection for SaaS environments and OAuth-based workflows.