1 post
The Vercel OAuth breach shows environment variables are not protected by location, only by the identity assertion placed in front of them.
