Search
On April 20, 2026, cloud development platform Vercel officially acknowledged a security breach that had an impact on certain customers. The perpetrator took advantage of a compromised third-party AI tool to infiltrate the system laterally through a Google Workspace OAuth application. This breach resulted in the exposure of sensitive information, including employee names, email addresses, and timestamps of operations. In light of this incident, Vercel strongly recommends that its customers promptly examine their operation logs and proceed with the rotation of API keys and environment variables as a precautionary measure. The hacker implicated in this attack is believed to be associated with ShinyHunters, a group infamous for its involvement in data breaches and subsequent ransom demands.
-
C114 Communication Network -
Communication Home
