Gate News message, April 20 — Cloud development platform Vercel confirmed a security incident on Sunday (April 19) in which hackers gained access to internal systems, stealing employee data, customer data, and sensitive credentials. The breach poses a significant risk to the Web3 ecosystem, as many crypto projects use Vercel to host their front-end interfaces.
Vercel’s investigation revealed the breach originated from a third-party AI tool called Context.ai, which was being used by one of its employees. The tool’s Google Workspace OpenAuth application was compromised, allowing attackers to broaden access to Vercel’s systems and potentially impact hundreds of users across multiple organizations. The platform warned that unprotected environment variables used by deployments could be exposed and recommended users review and change any environment variables not marked as sensitive.
Shortly after Vercel’s announcement, a user calling themselves ‘ShinyHunters’ posted on the cybercrime marketplace Breachforums, claiming to have breached Vercel and offering to sell stolen data—including access keys, source code, database data, and API keys—for $2 million. The attacker also shared personal information on Vercel employees and screenshots of internal dashboards. In separate Telegram messages, the attacker claimed to be in contact with Vercel regarding a $2 million ransom demand.
Vercel CEO Guillermo Rauch confirmed the incident on X, stating that the company had engaged incident response experts and notified law enforcement. Vercel said only a limited subset of customers were impacted and that its services remain fully operational.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
ZachXBT Warns Against Bitcoin Depot ATM Over 44% Bitcoin Markup
ZachXBT warns Bitcoin Depot ATMs impose steep premiums—$25k fiat at $108k/BTC vs ~$75k market (about 44%), leading to ~ $7.5k loss on 0.232 BTC; also notes a $3.26M security breach.
This article summarizes ZachXBT's warnings about Bitcoin Depot's pricing practices and a recent security breach, highlighting risks from inflated rates and security lapses for users.
GateNews50m ago
Privacy Protocol Umbra Shuts Down Frontend to Block Attackers from Laundering Stolen Kelp Funds
Gate News message, April 22 — Privacy protocol Umbra has shut down its frontend website to prevent attackers from using the protocol to transfer stolen funds following recent attacks, including the Kelp protocol breach that resulted in losses exceeding $280 million. Approximately $800,000 in stolen
GateNews2h ago
Misty 23pds Alert: Lazarus Group releases a new macOS toolkit targeting cryptocurrencies
Misty’s Chief Information Security Officer 23pds issued an alert on April 22, stating that the North Korean hacking group Lazarus Group has released a new native macOS malware toolkit called “Mach-O Man,”专a专专专專專專 specialized in the cryptocurrency industry and high-value enterprise executives.
MarketWhisper3h ago
Venus Protocol 攻擊者轉移 2301 枚 ETH,流入 Tornado Cash 清洗
According to the on-chain analyst Ai Auntie’s monitoring on April 22, the Venus Protocol attacker transferred 2,301 ETH (about $5.32 million) to address 0xa21…23A7f 11 hours ago, then moved the funds in batches into the crypto mixer Tornado Cash for laundering; as of the time of monitoring, the attacker still held about $17.45 million worth of ETH on-chain.
MarketWhisper6h ago
CometBFT zero-day vulnerability exposed, $8.0 billion Cosmos network nodes face a risk of permanent lockup
Security researcher Doyeon Park disclosed on April 21 that there is a high-severity zero-day vulnerability rated CVSS 7.1 in the Cosmos consensus layer CometBFT. It could allow a malicious peer node to attack nodes during the block synchronization (BlockSync) stage and cause them to deadlock, impacting a network that safeguards more than $8 billion in assets.
MarketWhisper6h ago
