alt Hacker NewsDo we actually know the employee downloaded it on their work machine? At least this article doesn't say that (and I couldn't find it in other sources as well). Plenty of companies allow you to VPN into corporate network, or log into certain internal systems from the public Internet. Not saying they should, but it is much more common than you think.
For reference, look at how Disney got hacked. One employee downloaded compromised software on a personal computer. One thing led to another and boom. IT in many companies are much more incompetent than you think. I have seen that first hand.
Actually, you are right to question this. TFA mentions a MicroTrend report [1] as his source, but that report doesn't mention Roblox cheats and more interestingly says that Context.ai employee machine was compromised 22 months ago, in 2024! While TFA says February 2026. This details makes me doubt about the whole article
[1] https://www.trendmicro.com/en_us/research/26/d/vercel-breach...