Vercel discloses Context.ai breach as employee allowed hackers internal access
Technology
Vercel, a popular platform for front-end developers, just revealed a security breach caused by a third-party AI tool called Context.ai.
An employee's use of this tool let hackers access some of Vercel's internal systems, shining a light on the risks that come with plugging outside software into company tools.
Vercel asks users rotate environment variables
CEO Guillermo Rauch said the company acted fast, asking affected users to rotate certain environment variables and confirming with GitHub that their npm packages are safe.
Only a small group of customers were hit.
Now, Vercel is working with cybersecurity experts and law enforcement to investigate further, while also recommending stronger security steps like multi-factor authentication to help keep everyone safer moving forward.