Home
News
Details

Vercel CEO Provides Update on Security Incident: Google Workspace Account Compromised

iconKuCoinFlash
Share
Share IconShare IconShare IconShare IconShare IconShare IconCopy
This is the logo of the coin.
DASH
$36.244.34%
AI summary iconSummary

expand icon
On April 20 (UTC+8), Vercel CEO Guillermo Rauch disclosed a security breach, revealing that an employee’s Context.ai account had been compromised, resulting in unauthorized access to a Vercel Google Workspace account. The company is currently investigating the incident and has contacted affected customers. Vercel is collaborating with Mandiant and law enforcement, while deploying a new dashboard to help users secure environment variables. The incident underscores the importance of on-chain news for real-time tracking of security updates.

According to ME News, on April 20 (UTC+8), Guillermo Rauch, CEO of the frontend cloud platform Vercel, tweeted that the team is conducting a comprehensive investigation into a security incident. The incident originated when Context.ai, an AI platform used by a Vercel employee, was compromised, leading to the breach of the employee’s Vercel Google Workspace account. The attacker then performed a series of actions to gain further access to the environment. Although all customer environment variables at Vercel are fully encrypted at rest, the platform allows certain variables to be marked as “non-sensitive,” which the attacker exploited through enumeration to obtain additional access. The attacker’s speed and understanding of Vercel’s architecture exceeded expectations. The number of affected customers is currently limited. Vercel has proactively contacted impacted customers and deployed protective measures and monitoring. The team is closely collaborating with Mandiant, industry partners, and law enforcement agencies, and has conducted a full review of its supply chain—including open-source projects such as Next.js and Turbopack—to ensure security. Vercel has also rolled out a new dashboard feature to help users overview and manage their environment variables. (Source: Foresight News)

Source:Show original
Disclaimer: The information on this page may have been obtained from third parties and does not necessarily reflect the views or opinions of KuCoin. This content is provided for general informational purposes only, without any representation or warranty of any kind, nor shall it be construed as financial or investment advice. KuCoin shall not be liable for any errors or omissions, or for any outcomes resulting from the use of this information. Investments in digital assets can be risky. Please carefully evaluate the risks of a product and your risk tolerance based on your own financial circumstances. For more information, please refer to our Terms of Use and Risk Disclosure.