@Saccc_c: Vercel confirms breach — hacker group ShinyHunters selling core source code, internal DB access, and keys for $2 million. Rotate your env vars now.
Summary
Vercel has confirmed an intrusion by the hacker group ShinyHunters, who are openly selling core source code, internal database access, and secrets for $2 million. All Vercel users should immediately review and rotate environment variables and related keys.
View Cached Full Text
Cached at: 04/21/26, 08:12 AM
Vercel has just confirmed that its internal systems were breached. The hacker group ShinyHunters is openly peddling Vercel’s core source code, internal database access, and access keys for $2 million. All developers using Vercel should immediately audit and rotate environment variables and related secrets.
Similar Articles
@Fenng: I just started using Vercel the other day and it got hacked. In the AI era you can’t catch a break—one flaky dev can sink the whole company. Same story from Claude to Vercel.
A short social post claims Vercel was hacked soon after the author began using it, blaming a rogue developer and likening it to past Claude incidents.
Vercel April 2026 security incident
Vercel disclosed a security incident involving unauthorized access to internal systems originating from a compromise of Context.ai, a third-party AI tool used by a Vercel employee. Limited customer credentials were compromised, though environment variables marked as sensitive were not accessed; the company is actively investigating with external cybersecurity firms and law enforcement.
Vercel April 2026 security incident
Vercel confirmed a security breach affecting a limited subset of customers after threat actors claimed to have stolen data. The breach originated from a compromised employee Google Workspace account via a third-party AI tool (Context.ai), allowing attackers to access unencrypted environment variables and enumerate further access to customer systems.
The Vercel breach: OAuth attack exposes risk in platform environment variables
A June 2024 intrusion disclosed in April 2026 saw attackers abuse a compromised third-party OAuth app to access Vercel’s internals and expose customer environment variables, spotlighting OAuth supply-chain risks and platform secret-handling flaws.
@seclink: Nationwide emergency response today — an open-source frontend library suffered a supply chain attack; any project using it may be infected with a worm. Urgent checks and upgrades needed.
Nationwide emergency response today because AntV, an open-source frontend library by Ant Group, was hit by a supply chain attack and implanted with a worm. Users need to urgently check and upgrade.