Vercel Confirms Context AI Breach — API Keys, Source Code and Customer Data Stolen

Colleagues, please note: Vercel has confirmed an incident in which attackers gained access to customer data via a compromise of Context AI.
- What happened: a Vercel employee connected the Context AI app to a corporate Google account; attackers abused OAuth to seize the account.
- Impact: API keys, source code and customer data were exfiltrated; some credentials were stored unencrypted; Vercel has notified affected customers.
- Recommendation: rotate keys and credentials immediately, prioritizing those labeled “non-sensitive”.
Why it matters: another example of chained supply‑chain attacks — hundreds of organizations may be exposed.
What steps have you taken to secure your supply chain?
#cybersecurity #infosec #supplychain #DevOps


Latest comments
No comments yet.