Cloud platform Vercel has confirmed a targeted security breach caused by a compromised third-party AI tool, Context.ai. Attackers exploited an employee's Google Workspace account to access internal environments and view non-sensitive environment variables.
While sensitive data remains encrypted, Vercel has urged affected users to rotate credentials immediately. The incident, allegedly linked to the ShinyHunters hacking group, underscores the growing risks of supply chain vulnerabilities.