{"id":236046,"date":"2026-04-20T04:30:00","date_gmt":"2026-04-20T08:30:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/04\/20\/next-js-creator-vercel-hacked-securityweek\/"},"modified":"2026-04-26T21:10:21","modified_gmt":"2026-04-27T01:10:21","slug":"next-js-creator-vercel-hacked-securityweek","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/04\/20\/next-js-creator-vercel-hacked-securityweek\/","title":{"rendered":"Next.js Creator Vercel Hacked &#8211; SecurityWeek"},"content":{"rendered":"<p><a href=\"https:\/\/www.securityweek.com\/next-js-creator-vercel-hacked\/\">Next.js Creator Vercel Hacked &#8211; SecurityWeek<\/a><\/p>\n<p><a href=\"https:\/\/www.securityweek.com\/next-js-creator-vercel-hacked\/\">https:\/\/www.securityweek.com\/next-js-creator-vercel-hacked\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-04-20 04:30:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.securityweek.com\">www.securityweek.com<\/a><\/p>\n<p><strong>Vercel confirmed on Sunday that it has suffered an intrusion after a hacker offered to sell data allegedly stolen from the company\u2019s systems.<\/strong><\/p>\n<p>Vercel is best known as the company behind Next.js, the popular open source React framework for building web applications. It\u2019s also known for its frontend cloud platform, which makes it easy to deploy, scale, and host web apps.<\/p>\n<p>A hacker using the online moniker ShinyHunters announced on BreachForums on April 19 the sale of Vercel databases, access keys, employee accounts, and source code, offering it for $2 million.<\/p>\n<p>\u201cThis could be the largest supply chain attack ever if done right\u201d, the hacker said.\u00a0<\/p>\n<p>In a security incident notice published on Sunday and continuously updated since, Vercel confirmed unauthorized access to certain internal systems.<\/p>\n<p>The company says its investigation is ongoing, but it has confirmed that the credentials of a \u201climited subset of customers\u201d were compromised. Impacted users have been notified and instructed to reset credentials.<\/p>\n<p><span class=\"zox-ad-label\">Advertisement. Scroll to continue reading.<\/span><\/p>\n<p>\u201cThe incident originated with a compromise of Context.ai, a third-party AI tool used by a Vercel employee,\u201d Vercel said. \u201cThe attacker used that access to take over the employee\u2019s Vercel Google Workspace account, which enabled them to gain access to some Vercel environments and environment variables that were not marked as \u2018sensitive\u2019.\u201d<\/p>\n<p>Vercel CEO Guillermo Rauch explained in a post on X, \u201cVercel stores all customer environment variables fully encrypted at rest. We have numerous defense-in-depth mechanisms to protect core systems and customer data. We do have a capability however to designate environment variables as \u2018non-sensitive\u2019. Unfortunately, the attacker got further access through their enumeration.\u201d<\/p>\n<p>Hudson Rock, a threat intelligence firm specializing in infostealer malware, reported that the Lumma stealer obtained a Context.ai employee\u2019s credentials in&#8230;<\/p>\n<p><a href=\"https:\/\/www.securityweek.com\/next-js-creator-vercel-hacked\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Next.js Creator Vercel Hacked &#8211; SecurityWeek https:\/\/www.securityweek.com\/next-js-creator-vercel-hacked\/ Publish Date: 2026-04-20 04:30:00 Source Domain: www.securityweek.com Vercel&#8230;<\/p>\n","protected":false},"author":1,"featured_media":236047,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.securityweek.com\/wp-content\/uploads\/2026\/04\/Vercel.jpeg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,35,36,32],"class_list":["post-236046","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-hacker","tag-infostealer","tag-malware"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/236046"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=236046"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/236046\/revisions"}],"predecessor-version":[{"id":236048,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/236046\/revisions\/236048"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/236047"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=236046"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=236046"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=236046"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}