Vercel, a prominent development platform facilitating the hosting and deployment of web applications, has recently confirmed a security breach. The company attributes the origin of this incident to a compromised “third-party AI tool.”
Reports indicate that hackers are actively attempting to sell data stolen from Vercel's systems. An individual, claiming affiliation with ShinyHunters – the group previously linked to the recent Rockstar Games hack – has allegedly posted a subset of this data online. This reportedly includes employee names, email addresses, and activity time stamps.
In an official statement released on X, Vercel acknowledged a “security incident” impacting a “limited subset” of its customer base. The company further clarified that a compromised third-party AI tool served as the entry point for the attack, though the specific identity of this third-party was not disclosed.
To mitigate potential risks, Vercel has urged administrators to diligently review their activity logs for any indicators of suspicious behavior. Additionally, the company advised taking precautionary measures such as “review and rotate environmental variables” to safeguard against the potential exposure of API keys, tokens, or other sensitive data. Concluding its security bulletin, Vercel provided further details:
Our investigation has revealed that the incident originated from a third-party AI tool whose Google Workspace OAuth app was the subject of a broader compromise, potentially affecting hundreds of its users across many organizations.
We are publishing the following IOC to support the wider community in the investigation and vetting of potential malicious activity in their environments. We recommend that Google Workspace Administrators and Google Account owners check for usage of this app immediately.
The Editorial Staff at AIChief is a team of professional content writers with extensive experience in AI and marketing. Founded in 2025, AIChief has quickly grown into the largest free AI resource hub in the industry.