Vercel attack fallout expands to more customers and third-party systems | CyberScoop<\/title> <meta name=\"description\" content=\"The company said it found more evidence of compromise across its customer base. Exposure, which has yet to be defined, poses significant downstream risk.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/vercel-attack-fallout-expands\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"Vercel attack fallout expands to more customers and third-party systems\"> <meta property=\"og:description\" content=\"The company said it found more evidence of compromise across its customer base. Exposure, which has yet to be defined, poses significant downstream risk.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/vercel-attack-fallout-expands\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/cyberscoop\/\"> <meta property=\"article:published_time\" content=\"2026-04-23T22:05:51+00:00\"> <meta property=\"article:modified_time\" content=\"2026-04-23T22:05:53+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/04\/vercel-attack-fallout-expands-to-more-customers-and-third-party-systems-2.jpg\"> <meta property=\"og:image:width\" content=\"1024\"> <meta property=\"og:image:height\" content=\"683\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"Matt Kapko\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:creator\" content=\"@CyberScoopNews\"> <meta name=\"twitter:site\" content=\"@CyberScoopNews\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1774626878g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress\/dist\/css\/related-posts-block-styles.min.css?m=1774625888g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1775068334g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=13897d660a0ac2c9c7d1\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" title=\"JSON\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/88746\"><meta name=\"generator\" content=\"WordPress 6.8.5\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=88746\">\n<link rel=\"alternate\" title=\"oEmbed (JSON)\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fvercel-attack-fallout-expands%2F\">\n<link rel=\"alternate\" title=\"oEmbed (XML)\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fvercel-attack-fallout-expands%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"wp-singular post-template-default single single-post postid-88746 single-format-standard wp-theme-scoopnewsgroup wp-child-theme-cyberscoop\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/vercel-attack-fallout-expands\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--newsletter js-stickybar\" readability=\"0.82\"> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"26.415313225058\">\n<div class=\"single-article__header-content\" readability=\"36.447115384615\">\n<p> The company said it found more evidence of compromise across its customer base. Exposure, which has yet to be defined, poses significant downstream risk. <\/p>\n<p>  <br \/>\n<audio id=\"audio-player\" src=\"https:\/\/wp-tts-cdn.api.scpnewsgrp.com\/cyberscoop\/88746\/english.openai.mp3\"><\/audio> <\/p>\n<div readability=\"11\">\n<div>\n<p>Listen to this article<\/p>\n<p>  <\/p>\n<p>0:00<\/p>\n<\/p><\/div>\n<p>  <\/p>\n<p> <span id=\"tts-tooltip\">Learn more.<\/span> <span> This feature uses an automated voice, which may result in occasional errors in pronunciation, tone, or sentiment. <\/span> <\/p>\n<\/div>\n<p>  <\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"427\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2026\/04\/vercel-attack-fallout-expands-to-more-customers-and-third-party-systems.jpg?resize=640%2C427&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/04\/vercel-attack-fallout-expands-to-more-customers-and-third-party-systems-2.jpg 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/04\/vercel-attack-fallout-expands-to-more-customers-and-third-party-systems-2.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/04\/vercel-attack-fallout-expands-to-more-customers-and-third-party-systems-2.jpg?resize=768,512 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/04\/vercel-attack-fallout-expands-to-more-customers-and-third-party-systems-2.jpg?resize=600,400 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/04\/vercel-attack-fallout-expands-to-more-customers-and-third-party-systems-2.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/04\/vercel-attack-fallout-expands-to-more-customers-and-third-party-systems-2.jpg?resize=505,337 505w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/04\/vercel-attack-fallout-expands-to-more-customers-and-third-party-systems-2.jpg?resize=1012,675 1012w\" sizes=\"(max-width: 1012px) 100vw, 1012px\"><figcaption> (Getty Images) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"48.906545903664\"><body readability=\"100.80669923238\"><\/p>\n<p>Vercel said the fallout from an attack on its internal systems hit more customers than previously known, as ongoing analysis uncovered <a href=\"https:\/\/vercel.com\/kb\/bulletin\/vercel-april-2026-security-incident\">additional evidence of compromise<\/a>. <\/p>\n<p>The company, which makes tools and hosts cloud infrastructure for developers, maintains a \u201csmall number\u201d of accounts were impacted, but it has yet to share a number or range of known incidents linked to the attack. Vercel created and maintains Next.js, a platform supporting AI agents that\u2019s downloaded more than 9 million times per week, and other popular open-source projects. <\/p>\n<p>Vercel CEO Guillermo Rauch said the company and partners have analyzed nearly a petabyte of logs across the Vercel network and API, and learned malicious activity targeting the company and its customers extends beyond an initial attack that originated at Context.ai. <\/p>\n<p>\u201cThreat intel points to the distribution of malware to computers in search of valuable tokens like keys to Vercel accounts and other providers,\u201d Rauch said in a <a href=\"https:\/\/x.com\/rauchg\/status\/2047150411170320808?s=20\">post on X<\/a>. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>\u201cOnce the attacker gets ahold of those keys, our logs show a repeated pattern: rapid and comprehensive API usage, with a focus on enumeration of non-sensitive environment variables,\u201d he added.<\/p>\n<p>The attack exemplifies the widespread and compounded risk posed by interconnected systems that rely on OAuth tokens, trusted relationships and overly privileged permissions linking multiple services together.<\/p>\n<p>\u201cThe real vulnerability was trust, not technology,\u201d Munish Walther-Puri, head of critical digital infrastructure at TPO Group, told CyberScoop. \u201cOAuth turned a productivity app into a backdoor. Every AI tool an employee connects to their work account is now a potential attack surface.\u201d<\/p>\n<p>An attacker <a href=\"https:\/\/cyberscoop.com\/vercel-security-breach-third-party-attack-context-ai-lumma-stealer\/\">traversed Vercel\u2019s internal systems<\/a> to steal and decrypt customer data, including environment variables it stored, posing significant downstream risk. <\/p>\n<p>The company insists the breach originated at Context.ai, a third-party AI tool used by one of its employees. Researchers at Hudson Rock previously said the seeds of that attack were planted in February when a Context.ai employee\u2019s computer was <a href=\"https:\/\/www.infostealers.com\/article\/breaking-vercel-breach-linked-to-infostealer-infection-at-context-ai\/\">infected with Lumma Stealer malware<\/a> after they searched for Roblox game exploits, a common vector for infostealer deployments. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Vercel has not specified the systems and customers data compromised, nor has it described the threat eradicated or contained. The company said it\u2019s found no evidence of tampering across the software packages it publishes, concluding \u201cwe believe the supply chain remains safe.\u201d <\/p>\n<p>The company fueled further intrigue in its updated security bulletin, noting that it also identified a separate \u201csmall number of customers\u201d that were compromised in attacks unrelated to the breach of its systems. <\/p>\n<p>\u201cThese compromises do not appear to have originated on Vercel systems,\u201d the company said. \u201cThis activity does not appear to be a continuation or expansion of the April incident, nor does it appear to be evidence of an earlier Vercel security incident.\u201d<\/p>\n<p>It\u2019s unclear how Vercel became aware of those attacks and why it\u2019s disclosing them publicly. <\/p>\n<p>Vercel declined to answer questions, and Mandiant, which is running incident response and an investigation into the attack, referred questions back to Vercel. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Vercel has not attributed the breach to any named threat group or described the attackers\u2019 objectives. <\/p>\n<p>An online persona identifying themselves as ShinyHunters took responsibility for the attack and is attempting to sell the stolen data, which they claim includes access keys, source code and databases. Austin Larsen, principal threat analyst at Google Threat Intelligence Group, said the attacker is \u201c<a href=\"https:\/\/www.linkedin.com\/posts\/austin-larsen_vercel-share-7451694308845408256-aHOX\/?utm_source=share&utm_medium=member_desktop&rcm=ACoAAAC2xvMBLPggh7Z3PC8i4V4yQ0JB56a2MlM\">likely an imposter<\/a>,\u201d but emphasized the risk of exposure is real.<\/p>\n<p>Walther-Puri warned that the downstream blast radius from the attack on its systems remains undefined. \u201cStolen API keys and source code snippets from internal views are potentially keys to customer production environments,\u201d he said.<\/p>\n<p>The stolen data attackers claim to have \u201csounds almost boring \u2026 but it\u2019s infrastructure intelligence,\u201d Walther-Puri added. \u201cThe right environment variable doesn\u2019t just unlock a system \u2014 it lets adversaries become that system, silently, from the inside.\u201d<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"3.2338709677419\">\n<div class=\"author-card\" readability=\"14\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2026\/04\/vercel-attack-fallout-expands-to-more-customers-and-third-party-systems-1.jpg?w=640&ssl=1\" alt=\"Matt Kapko\"> <\/figure>\n<\/p><\/div>\n<p><h4 class=\"author-card__name\">Written by Matt Kapko<\/h4>\n<p> Matt Kapko is a reporter at CyberScoop. His beat includes cybercrime, ransomware, software defects and vulnerability (mis)management. The lifelong Californian started his journalism career in 2001 with previous stops at Cybersecurity Dive, CIO, SDxCentral and RCR Wireless News. Matt has a degree in journalism and history from Humboldt State University. <\/p>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p>  <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/vercel-attack-fallout-expands\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Vercel attack fallout expands to more customers and third-party systems<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[282,78,3729,646,4387,1073,3288,2151,1813,1866,649,288,5745],"tags":[286,86,3731,650,4388,1076,3290,2155,1814,1868,652,294,5746],"class_list":["post-8581","post","type-post","status-publish","format-standard","hentry","category-cybercrime","category-cybersecurity","category-google-threat-intelligence-group","category-mandiant","category-oauth","category-open-source","category-open-source-software","category-shinyhunters","category-supply-chain","category-supply-chain-attacks","category-supply-chain-security","category-threats","category-vercel","tag-cybercrime","tag-cybersecurity","tag-google-threat-intelligence-group","tag-mandiant","tag-oauth","tag-open-source","tag-open-source-software","tag-shinyhunters","tag-supply-chain","tag-supply-chain-attacks","tag-supply-chain-security","tag-threats","tag-vercel"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybercrime\/\" rel=\"category tag\">cybercrime<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity\/\" rel=\"category tag\">Cybersecurity<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/google-threat-intelligence-group\/\" rel=\"category tag\">Google Threat Intelligence Group<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/mandiant\/\" rel=\"category tag\">Mandiant<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/oauth\/\" rel=\"category tag\">OAuth<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/open-source\/\" rel=\"category tag\">open source<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/open-source-software\/\" rel=\"category tag\">open source software<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/shinyhunters\/\" rel=\"category tag\">ShinyHunters<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/supply-chain\/\" rel=\"category tag\">supply chain<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/supply-chain-attacks\/\" rel=\"category tag\">supply chain attacks<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/supply-chain-security\/\" rel=\"category tag\">supply chain security<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/threats\/\" rel=\"category tag\">Threats<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/vercel\/\" rel=\"category tag\">Vercel<\/a>","tag_info":"Vercel","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/8581","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=8581"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/8581\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=8581"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=8581"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=8581"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":8581,"date":"2026-04-23T17:05:51","date_gmt":"2026-04-23T22:05:51","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=88746"},"modified":"2026-04-23T17:05:51","modified_gmt":"2026-04-23T22:05:51","slug":"vercel-attack-fallout-expands-to-more-customers-and-third-party-systems","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2026\/04\/23\/vercel-attack-fallout-expands-to-more-customers-and-third-party-systems\/","title":{"rendered":"Vercel attack fallout expands to more customers and third-party systems"},"content":{"rendered":"