GoKawiilUpdate 4/19/26: Added additional information from Vercel that was disclosed after publishing.
Cloud development platform Vercel has disclosed a security incident after threat actors claimed to have breached its systems and are attempting to sell stolen data.
Vercel is a cloud platform that provides hosting and deployment infrastructure for developers, with a strong focus on JavaScript frameworks.
The company is known for developing Next.js, a widely used React framework, and for offering services such as serverless functions, edge computing, and CI/CD pipelines that enable developers to build, preview, and deploy applications.
In a security bulletin published today, the company said a limited subset of customers was affected by a security breach.
"We've identified a security incident that involved unauthorized access to certain internal Vercel systems," warns Vercel.
"We are actively investigating, and we have engaged incident response experts to help investigate and remediate. We have notified law enforcement and will update this page as the investigation progresses."
The company says its services have not been impacted and that it is working with impacted customers.
Vercel says it is taking steps to protect its customers, advising them to review environment variables, use its sensitive environment variable feature, and to rotate secrets if needed.
After publishing this story, Vercel updated its advisory to state that the breach stemmed from a compromise of a third-party AI tool's Google Workspace OAuth application.
... continue reading