
Vercel breach triggers secret-rotation warning after internal access incident

Vercel has disclosed a security incident involving unauthorized access to certain internal systems, and the company is urging customers to rotate secrets immediately. The warning comes as the company investigates what it says appears to be a supply chain attack linked to a third-party AI tool. Vercel said the number of affected customers is limited, but it has not identified exactly which internal systems were accessed or how many users were impacted.

What Vercel says happened

Vercel said it found unauthorized access to parts of its internal environment and is now treating the case as a security breach. It has engaged experts and law enforcement while it investigates the incident, and it has released an indicator of compromise tied to a small third-party AI tool whose Google Workspace OAuth permissions were part of a broader compromise.

Chief executive Guillermo Rauch said an employee account was compromised when the Context.ai AI platform was breached. Rauch said the platform had been integrated with Vercel’s environment and granted deployment-level Google Workspace OAuth scopes, giving attackers a privileged foothold once the platform itself was breached. He added that the attacker then gained further access through enumeration inside Vercel environments.

Customers told to check secrets and logs

Vercel is advising Workspace administrators and Google account owners to look for the OAuth app identified by the company and to review account activity carefully. It is also telling customers to check activity logs and rotate environment variables if they contain secrets such as application programming interface keys, tokens, database credentials, or signing keys that had been marked as not sensitive.

Vercel said the impact appears to be limited, but it also said the compromise could have affected hundreds of users across many organisations. Vercel said that if users have not been contacted, there is no reason to believe their Vercel credentials or personal data were compromised at this time.

Immediate reaction inside the company

Rauch said the company has already analyzed its supply chain and is working to keep its core projects safe for the community. He said Next.js, Turbopack, and Vercel’s other open source projects remain safe, while the investigation continues into the compromised third-party AI connection.

Vercel has also told customers to enable sensitive variable protections, check recent deployments for anomalies, strengthen deployment protection settings, and rotate related tokens where needed. The company emphasized that secrets not marked as sensitive should be treated as potentially exposed and rotated as a priority.
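One way to turn that guidance into a repeatable check is to triage a project's environment variables and list every secret-looking value that is not marked sensitive, production targets first. The script below is an added example, not code from Vercel or from the article; the sample listing is constructed, and its `key`/`type`/`target` field names assume the shape of a Vercel project env listing.

```python
import re

# Constructed sample in the shape of a Vercel project environment-variable
# listing (the "key"/"type"/"target" fields mirror the Vercel REST API's
# project env objects, an assumption made here, not data from the article).
SAMPLE_ENVS = [
    {"key": "DATABASE_URL", "type": "encrypted", "target": ["production"]},
    {"key": "STRIPE_SECRET_KEY", "type": "sensitive", "target": ["production"]},
    {"key": "NEXT_PUBLIC_SITE_NAME", "type": "plain", "target": ["production", "preview"]},
    {"key": "JWT_SIGNING_KEY", "type": "plain", "target": ["production"]},
    {"key": "OPENAI_API_KEY", "type": "encrypted", "target": ["preview", "development"]},
    {"key": "VERCEL_URL", "type": "system", "target": ["production"]},
]

# Name fragments that usually mean the value is a credential.
SECRET_HINT = re.compile(
    r"SECRET|TOKEN|PASSW(OR)?D|API_?KEY|PRIVATE|SIGNING|CREDENTIAL|DSN|DATABASE_URL",
    re.IGNORECASE,
)


def looks_like_secret(key: str) -> bool:
    """NEXT_PUBLIC_ values are inlined into the client bundle and are never secrets."""
    if key.startswith("NEXT_PUBLIC_"):
        return False
    return SECRET_HINT.search(key) is not None


def triage(envs: list[dict]) -> list[dict]:
    """Return the variables to rotate: secret-looking names whose type is not
    'sensitive'. Plain and encrypted values can still be read back by anyone
    with project access, so they are treated as exposed. Production first."""
    findings = []
    for env in envs:
        if env["type"] in ("sensitive", "system"):
            continue
        if not looks_like_secret(env["key"]):
            continue
        findings.append({
            "key": env["key"],
            "type": env["type"],
            "targets": sorted(env["target"]),
            "priority": "high" if "production" in env["target"] else "normal",
        })
    findings.sort(key=lambda f: f["priority"] != "high")  # stable sort: high first
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_ENVS):
        print(f"ROTATE [{f['priority']}] {f['key']} (type={f['type']}, targets={','.join(f['targets'])})")
```

The name heuristic is deliberately broad; anything it flags should be rotated and then re-created as a sensitive variable rather than merely reviewed.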

Why this breach matters now

The incident is notable because it centers on trust between a cloud platform and a third-party AI integration, not just a direct system intrusion. Vercel said the initial access vector involved Google Workspace OAuth tied to Context.ai, which meant the compromise of one connected tool could cascade into broader access.

That risk is what is driving the company’s current guidance on Vercel secrets rotation and account review. Vercel said it is working with Mandiant, additional cybersecurity firms, industry peers, and law enforcement as it narrows the scope of the incident.

What happens next

The next phase will likely focus on confirming exactly which internal systems were touched, how far the access went, and which customers need further action. For now, the company is pressing users to review logs, rotate exposed credentials, and treat unprotected environment variables as sensitive until the investigation is complete, as Vercel continues its review of the breach.
