Articles
Crypto Market Analysis

Cloud hosting firm Vercel confirms ‘limited’ hack of user info

User Image

익명에 의해

생성됨 April 20, 2026|2 분 독서
Main Image

Vercel has confirmed it was compromised after a member of a hacking forum put the company’s information up for sale for $2 million.

Vercel, a cloud hosting provider popular among crypto projects, has confirmed that it suffered a security breach that allowed hackers to make off with a “limited” subset of customer credentials.

Vercel said in a blog post on Sunday that it “identified a security incident that involved unauthorized access to certain internal Vercel systems” and was investigating the breach.

“Initially we identified a limited subset of customers whose Vercel credentials were compromised,” it added. “We reached out to that subset and recommended an immediate rotation of credentials.”

Vercel’s confirmation came after multiple X users reported that a post on the hacking forum BreachForums by a user called “ShinyHunters” claimed to be offering Vercel’s data in exchange for $2 million.

The poster claimed to have access keys, source code, database information and employee accounts with access to internal deployments, which they said could be used for a “global supply chain attack.”

Vercel did not address the post’s claims, but said the attacker was “highly sophisticated based on their operational velocity and detailed understanding of Vercel's systems.”

Vercel CEO Guillermo Rauch said on Sunday that the attack originated after a Vercel employee was compromised via a breach of an artificial intelligence tool they used called Context.ai.

The attacker was then able to compromise the Vercel employee’s Google Workspace account, allowing them access to some of Vercel’s internal systems.

Rauch said the company stores customer environments with full encryption, but it has the capability to designate variables as “non-sensitive,” and the attacker “got further access through their enumeration.”

Related: Aave's TVL tanks $8B a day after $293M Kelp DAO hack

“We believe the attacking group to be highly sophisticated and, I strongly suspect, significantly accelerated by AI,” he added. “They moved with surprising velocity and in-depth understanding of Vercel.”

Rauch said that Vercel had “deployed extensive protection measures and monitoring” and it had analyzed its supply chain to ensure “Next.js, Turbopack, and our many open source projects remain safe for our community.”

“My advice to everyone is to follow the best practices of security response: secret rotation, monitoring access to your Vercel environments and linked services, and ensuring the proper use of the sensitive env variables feature,” he added.

Magazine: Meet the onchain crypto detectives fighting crime better than the cops

Source: CoinTelegraph


최근에 발행된 다른 기사들

Lending protocol Bonzo loses 77% of value locked as $9 million oracle exploit rattles Hedera
Lending protocol Bonzo loses 77% of value locked as $9 million oracle exploit rattles Hedera

Crypto Market Analysis

Bonzo Lend lost approximately $9.05 million after an attacker exploited a verification flaw in a thi...

AI found an Ethereum bug that could take validators offline, but humans had to prove it
AI found an Ethereum bug that could take validators offline, but humans had to prove it

Ethereum

The Ethereum Foundation pointed coordinated AI agents at the software its validators run and got a r...

Bitcoin treasury company Empery Digital sold about half of its BTC stack
Bitcoin treasury company Empery Digital sold about half of its BTC stack

Bitcoin

It's a sign of the times as the troubled company swaps its bitcoin treasury ambitions for AI data ce...

The UK has finally shown it’s serious about crypto
The UK has finally shown it’s serious about crypto

Crypto Market Analysis

Several recent regulatory steps indicate the UK might finally stop dragging its feet when it comes t...

Crypto IPO market stalls as capital rotates to AI and macro uncertainty weighs
Crypto IPO market stalls as capital rotates to AI and macro uncertainty weighs

Crypto Market Analysis

Funding constraints and investor caution, not regulation, are delaying crypto IPOs, according to Coh...

Bonzo Lend loses $9M in oracle exploit on Hedera
Bonzo Lend loses $9M in oracle exploit on Hedera

Crypto Market Analysis

An attacker inflated the value of SAUCE collateral and borrowed $9 million from Bonzo Lend through a...