

Ethical Hacking News

Vercel’s Data Leak Reveals Agentic AI’s Risky Link to Third-Party Services



Vercel's recent data leak highlights the critical role of information security in tech companies and the risks associated with using agentic AI tools. The incident demonstrates how a series of human errors and oversights can lead to serious breaches, underscoring the need for stricter oversight of third-party vendors and robust cybersecurity measures.

  • Vercel experienced a data leak in which customer credentials were accessed without authorization through an agentic AI tool, Context.ai's AI Office suite.
  • The incident was caused by an employee signing up for the tool using their work account and granting broad permissions.
  • A previous security incident involving Context.ai's AWS environment had been identified, but not fully investigated or addressed.
  • Vercel detected unauthorized access to internal systems in April, leading to the compromise of customer credentials.
  • Context.ai found that a compromised OAuth token was used to gain access to Vercel's Google Workspace.
  • The incident highlights vulnerabilities in Vercel's information security procedures and the risks associated with agentic AI tools.



    Vercel, a company that provides an open-source web development framework called Next.js, recently experienced a data leak that compromised customer credentials. The incident occurred when a Vercel employee signed up for an agentic AI tool, Context.ai's AI Office suite, using their work account and granted it broad permissions.

    According to reports, Context.ai, the vendor of the AI Office suite, had previously identified a security incident involving unauthorized access to its own AWS environment in March. The company hired CrowdStrike to investigate and close off its AWS infrastructure as a precautionary measure. However, the investigation appears to have missed the fact that Vercel was already using the same compromised OAuth token to access Context.ai's services.

    In April, Vercel detected a security incident involving unauthorized access to some internal systems, which ultimately led to the compromise of customer credentials. The company attributed this breach to an agentic OAuth tangle involving Context.ai. As part of its response to the breach, Vercel contacted affected customers and advised them to immediately rotate their credentials.

    A more in-depth investigation by Context.ai reveals that whoever attacked its systems used a compromised OAuth token to gain access to Vercel's Google Workspace. It is unclear whether this attack was related to the previous security incident or was a separate incident. However, Vercel has acknowledged that it appears to have allowed Context.ai's internal OAuth configurations to grant broad permissions in its own enterprise Google Workspace.
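    One way to look for this kind of exposure is to review which third-party OAuth clients hold broad scopes in a Workspace domain. The following is an added example, not code from the article or from either company: the scope policy, the allowlist, the app names and the client IDs are constructed assumptions, and the records only mirror the field names of the Admin SDK Directory API tokens resource.

```python
"""Audit Google Workspace OAuth grants for unapproved apps holding broad scopes."""
from collections import defaultdict

# Assumption: this scope policy is the example's own, not a list taken from the article.
BROAD_SCOPES = {
    "https://mail.google.com/": "write",
    "https://www.googleapis.com/auth/gmail.readonly": "read",
    "https://www.googleapis.com/auth/drive": "write",
    "https://www.googleapis.com/auth/drive.readonly": "read",
    "https://www.googleapis.com/auth/calendar": "write",
    "https://www.googleapis.com/auth/admin.directory.user": "write",
}

def audit_grants(tokens, approved_client_ids):
    """Group grants by OAuth client and report unapproved clients with broad scopes."""
    by_client = defaultdict(lambda: {"app": "", "users": set(), "scopes": set()})
    for tok in tokens:
        if tok["clientId"] in approved_client_ids:
            continue  # vetted integration, reviewed separately
        broad = [s for s in tok.get("scopes", []) if s in BROAD_SCOPES]
        if not broad:
            continue  # e.g. drive.file only reaches files the user opened with the app
        entry = by_client[tok["clientId"]]
        entry["app"] = tok.get("displayText", "")
        entry["users"].add(tok["userKey"])
        entry["scopes"].update(broad)
    findings = []
    for client_id, e in by_client.items():
        level = "write" if any(BROAD_SCOPES[s] == "write" for s in e["scopes"]) else "read"
        findings.append({"clientId": client_id, "app": e["app"], "level": level,
                         "users": sorted(e["users"]), "scopes": sorted(e["scopes"])})
    # Write-capable grants first, then the apps the most accounts have authorized.
    return sorted(findings, key=lambda f: (f["level"] != "write", -len(f["users"])))

# Constructed sample in the field shape of the Admin SDK Directory API "tokens" resource.
SAMPLE = [
    {"clientId": "111.apps.example", "displayText": "Example AI Office",
     "userKey": "alice@corp.example",
     "scopes": ["openid", "https://mail.google.com/", "https://www.googleapis.com/auth/drive"]},
    {"clientId": "222.apps.example", "displayText": "Example Notes",
     "userKey": "bob@corp.example", "scopes": ["https://www.googleapis.com/auth/drive.file"]},
    {"clientId": "333.apps.example", "displayText": "Example Viewer",
     "userKey": "bob@corp.example", "scopes": ["https://www.googleapis.com/auth/drive.readonly"]},
    {"clientId": "444.apps.example", "displayText": "Approved Backup",
     "userKey": "carol@corp.example", "scopes": ["https://www.googleapis.com/auth/drive"]},
]

if __name__ == "__main__":
    for finding in audit_grants(SAMPLE, approved_client_ids={"444.apps.example"}):
        print(finding)
```

    Each finding is a grant to revoke or send through vendor review; a single employee's consent is enough to produce one.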

    This series of events highlights a critical flaw in Vercel’s information security procedures and the even greater risk of using products like Context.ai's AI Office suite without properly vetting their third-party integrations. This incident also exposes the risks associated with agentic AI tools, which can potentially link to third-party services and cause trouble if left unsecured.

    The incident has sparked renewed concerns about the safety and security measures implemented by tech companies and the need for more stringent oversight of third-party vendors in the industry. The consequences of this breach could have been severe, but due to prompt action from Vercel, no further data was exfiltrated.

    This tragic series of events serves as a reminder of the importance of robust cybersecurity and information security measures, particularly when working with cutting-edge technologies like AI tools that can provide numerous benefits but also pose significant risks if not managed properly.

    Related Information:
  • https://www.ethicalhackingnews.com/articles/Vercels-Data-Leak-Reveals-Agentic-AIs-Risky-Link-to-Third-Party-Services-ehn.shtml

  • https://go.theregister.com/feed/www.theregister.com/2026/04/20/vercel_context_ai_security_incident/

  • https://www.theregister.com/2026/04/20/vercel_context_ai_security_incident/

  • https://www.coindesk.com/tech/2026/04/20/hack-at-vercel-sends-crypto-developers-scrambling-to-lock-down-api-keys


  • Published: Mon Apr 20 03:14:45 2026 by llama3.2 3B Q4_K_M












