Next.js Creator Vercel Hacked

Summary

Vercel, creator of the popular Next.js framework, confirmed a security breach after a threat actor using the alias ShinyHunters announced the sale of stolen databases, access keys, employee accounts, and source code for $2 million on BreachForums. The intrusion originated from a compromise of Context.ai, a third-party AI tool used by a Vercel employee, which allowed the attacker to take over the employee's Google Workspace account and access non-sensitive environment variables. Vercel notified affected customers to reset credentials and emphasized that customer environment variables are encrypted at rest, though the attacker exploited enumeration capabilities to access unencrypted non-sensitive variables.

Full text

Vercel confirmed on Sunday that it has suffered an intrusion after a hacker offered to sell data allegedly stolen from the company’s systems. Vercel is best known as the company behind Next.js, the popular open source React framework for building web applications. It’s also known for its frontend cloud platform, which makes it easy to deploy, scale, and host web apps. A hacker using the online moniker ShinyHunters announced on BreachForums on April 19 the sale of Vercel databases, access keys, employee accounts, and source code, offering it for $2 million. “This could be the largest supply chain attack ever if done right”, the hacker said. In a security incident notice published on Sunday and continuously updated since, Vercel confirmed unauthorized access to certain internal systems. The company says its investigation is ongoing, but it has confirmed that the credentials of a “limited subset of customers” were compromised. Impacted users have been notified and instructed to reset credentials.Advertisement. Scroll to continue reading. “The incident originated with a compromise of Context.ai, a third-party AI tool used by a Vercel employee,” Vercel said. “The attacker used that access to take over the employee’s Vercel Google Workspace account, which enabled them to gain access to some Vercel environments and environment variables that were not marked as ‘sensitive’.” Vercel CEO Guillermo Rauch explained in a post on X, “Vercel stores all customer environment variables fully encrypted at rest. We have numerous defense-in-depth mechanisms to protect core systems and customer data. We do have a capability however to designate environment variables as ‘non-sensitive’. Unfortunately, the attacker got further access through their enumeration.” Hudson Rock, a threat intelligence firm specializing in infostealer malware, reported that the Lumma stealer obtained a Context.ai employee’s credentials in February 2026, which may have facilitated the Vercel hack. The BreachForums post offering the Vercel data appears to have been deleted, and the ShinyHunters group has reportedly denied being responsible for the attack. It remains to be seen whether the cybercrime group names Vercel on its data leak website. Vercel has promised to share more information as its investigation progresses. Related: Wynn Resorts Says 21,000 Employees Affected by ShinyHunters Hack Related: European Commission Reports Cyber Intrusion and Data Theft Related: Nightclub Giant RCI Hospitality Reports Data Breach Written By Eduard Kovacs Eduard Kovacs (@EduardKovacs) is senior managing editor at SecurityWeek. He worked as a high school IT teacher before starting a career in journalism in 2011. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering. More from Eduard Kovacs Recent Apache ActiveMQ Vulnerability Exploited in the WildZionSiphon Malware Targets ICS in Water FacilitiesOpenAI Widens Access to Cybersecurity Model After Anthropic’s Mythos RevealData Breach at Tennessee Hospital Affects 337,000Microsoft Paid Out $2.3 Million at Zero Day Quest 2026 Hacking ContestClaude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via CommentsExploited Vulnerability Exposes Nginx Servers to Hacking$10 Domain Could Have Handed Hackers 25k Endpoints, Including in OT and Gov Networks Latest News Half of the 6 Million Internet-Facing FTP Servers Lack EncryptionHackers Fail to Exploit Flaw in Discontinued TP-Link RoutersTycoon 2FA Loses Phishing Kit Crown Amid Surge in AttacksWhite House Chief of Staff to Meet With Anthropic CEO Over Its New AI TechnologyCoChat Launches AI Collaboration Platform to Combat Shadow AIIn Other News: Satellite Cybersecurity Act, $90K Chrome Flaw, Teen Hacker ArrestedAnother DraftKings Hacker Sentenced to PrisonLawmakers Gathered Quietly to Talk About AI. Angst and Fears of ‘Destruction’ Followed Trending Daily Briefing Newsletter Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts. Webinar: A Step-by-Step Approach to AI Governance April 28, 2026 With "Shadow AI" usage becoming prevalent in organizations, learn how to balance the need for rapid experimentation with the rigorous controls required for enterprise-grade deployment. Register Virtual Event: Threat Detection and Incident Response Summit May 20, 2026 Delve into big-picture strategies to reduce attack surfaces, improve patch management, conduct post-incident forensics, and tools and tricks needed in a modern organization. Register People on the MoveAnti-ransomware platform Halcyon has named Kirstjen Nielsen and Chris Inglis as Strategic Advisors.ThreatModeler has appointed Kevin Gallagher as Chief Executive Officer.Thomas Bain has been appointed Chief Marketing Officer at Silent Push.More People On The MoveExpert Insights Government Can’t Win the Cyber War Without the Private Sector Securing national resilience now depends on faster, deeper partnerships with the private sector. (Steve Durbin) The Hidden ROI of Visibility: Better Decisions, Better Behavior, Better Security Beyond monitoring and compliance, visibility acts as a powerful deterrent, shaping user behavior, improving collaboration, and enabling more accurate, data-driven security decisions. (Joshua Goldfarb) The New Rules of Engagement: Matching Agentic Attack Speed The cybersecurity response to AI-enabled nation-state threats cannot be incremental. It must be architectural. (Nadir Izrael) The Next Cybersecurity Crisis Isn’t Breaches—It’s Data You Can’t Trust Data integrity shouldn’t be seen only through the prism of a technical concern but also as a leadership issue. (Steve Durbin) Why Agentic AI Systems Need Better Governance – Lessons from OpenClaw Agentic AI platforms are shifting from passive recommendation tools to autonomous action-takers with real system access, (Etay Maor) Flipboard Reddit Whatsapp Whatsapp Email

Indicators of Compromise

• malware — Lumma stealer

Entities