Skip to main content
Login
institutional access

You are connecting from
Lake Geneva Public Library,
please login or register to take advantage of your institution's Ground News Plan.

Published loading...Updated

Hack at Vercel sends crypto developers scrambling to lock down API keys

Vercel said a limited subset of customers was affected as it investigates whether attackers exfiltrated access keys, source code and API keys.

  • Cloud development platform Vercel disclosed a security incident after threat actors claiming to be "ShinyHunters" alleged they breached internal systems and accessed company data.
  • The company traced the intrusion to a compromised Google Workspace connection within Context, a third-party AI tool used by an employee, allowing attackers to escalate access into internal environments.
  • Attackers potentially accessed API keys and 580 employee records containing names and timestamps, while the threat actor alleged a $2 million ransom demand in Telegram messages.
  • Solana-Based decentralized exchange Orca rotated all deployment credentials as a precaution, while Vercel advised customers to rotate secrets and use its sensitive environment variable feature.
  • This incident adds to a difficult April for crypto, following a $292 million exploit of Kelp DAO and a $285 million attack on Drift linked to North Korea-affiliated actors.
Insights by Ground AI

25 Articles

India TodayIndia Today
Lean Right

Vercel hacked, hacker using ShinyHunters name to sell data for $2 million

Vercel, a cloud platform that hosts and deploys web apps, was recently compromised in a cyberattack stemming from an AI tool. The company says that no sensitive data was accessed after hackers claimed to be selling Vercel customer data online. Vercel has clients such as OpenAI, Cursor, Bose, and Pinterest.

·India
Read Full Article
Coin DeskCoin Desk
Center

Hack at Vercel sends crypto developers scrambling to lock down API keys

Breach tied to compromised AI tool may have exposed credentials used by app frontends, the user-facing layer that connects web3 wallets and trading interfaces to backend services.

·Manila, Philippines (the)
Read Full Article
The VergeThe Verge
+2 Reposted by 2 other sources
Lean Left

Cloud development platform Vercel was hacked

Vercel, a major development platform that hosts and deploys web apps, was compromised, and the hackers are attempting to sell stolen data. A person claiming to be a member of ShinyHunters, which was behind the recent hack of Rockstar Games, posted some data online, including employee names, email addresses, and activity time stamps. Vercel confirmed in a post on X that a "security incident" had occurred, and that it impacted a "limited subset" o…

·United States
Read Full Article
BleepingComputerBleepingComputer
Reposted by
cybernoz.comcybernoz.com
Center

Vercel confirms breach as hackers claim to be selling stolen data

Cloud development platform Vercel has disclosed a security incident after threat actors claimed to have breached its systems and are attempting to sell stolen data.

Read Full Article
IT Security News - cybersecurity, infosecurity newsIT Security News - cybersecurity, infosecurity news

Next.js Creator Vercel Hacked

Vercel confirmed suffering a breach after a hacker claiming to be part of ShinyHunters offered to sell stolen data for $2 million. The post Next.js Creator Vercel Hacked appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Next.js Creator Vercel Hacked The post Next.js Creator Vercel Hacked appeared first on IT Security News.

Read Full Article
HeiseHeise

Attack on next.js Manufacturer Vercel: Customer Data Retrieved

Internal Vercel systems and thus customer data were compromised in a security incident. An external AI tool served as a gateway.

·Germany
Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 50% of the sources are Center
50% Center

Factuality Info Icon

To view factuality data please Upgrade to Premium

Ownership

Info Icon

To view ownership data please Upgrade to Vantage

BleepingComputer broke the news on Sunday, April 19, 2026.
Too Big Arrow Icon
Sources are mostly out of (0)

Similar News Topics

Cyberattacks icon

Cyberattacks

Cyber Security icon

Cyber Security

Artificial Intelligence icon

Artificial Intelligence

Meta icon

Meta

Cybersecurity icon

Cybersecurity

News
Feed Dots Icon
For You
Search Icon
SearchBlindspot LogoBlindspotLocal