The attack on Vercel, a prominent web app development platform, reportedly stemmed from a compromised third-party AI tool. Hackers, claiming to be associated with ShinyHunters—the group behind the recent Rockstar Games hack—are attempting to sell stolen data, including employee information. Vercel has acknowledged a security incident impacting a limited number of customers and traced the breach to a third-party AI tool’s compromised Google Workspace OAuth app, potentially affecting numerous organizations. Administrators are advised to check activity logs for suspicious actions, update environmental variables, and be cautious with sensitive data. Vercel released indicators of compromise (IOC) to aid in identifying malicious activities and urged Google Workspace Administrators to review app usage promptly.
Vercel Cloud Development Platform Hacked
1 Min Read