Identity & AccessApr 19, 2026
‼️ Vercel has provided the following update on their blog. https://t.co/F9mxnCuUn4 IOC: OAuth...
Vercel reports OAuth app compromise affecting customer accounts.
Summary
Vercel disclosed a security incident involving a compromised OAuth application that could have granted attackers access to customer accounts. The incident involved a malicious Google OAuth app ID (110671459871-30f1spbu0hptbs60cb4vsmv79i7bbvqj.apps.googleusercontent.com). Vercel has provided guidance for affected users to review account activity and revoke suspicious third-party OAuth permissions.
Indicators of Compromise
- domain — 110671459871-30f1spbu0hptbs60cb4vsmv79i7bbvqj.apps.googleusercontent.com
Entities
Vercel (vendor)Google (vendor)OAuth (technology)