PANews April 19 news, according to community user Ryan posting on platform X, a user claiming to belong to ShinyHunters posted on hacker forum BreachForums, stating that they are selling Vercel's internal database, access keys, and source code, with a price tag of about 2 million dollars (starting bid 500 thousand dollars equivalent in BTC). The post claims the data includes sensitive information such as employee account permissions, API keys, NPM and GitHub tokens, and suggests it could be used for "supply chain attacks." Relevant screenshots are suspected to come from Vercel's internal systems (including Linear and user management panels), showing fields such as user ID, email, and admin permissions.

It is reported that Vercel has contacted the publisher via Telegram asking to stop contacting employees, indicating that direct communication has been established between the two parties. Meanwhile, Vercel has officially confirmed that "some internal systems have been accessed without authorization," and stated that it has initiated incident response, notified law enforcement, and is communicating with affected customers.

Vercel emphasized that currently only a small number of customers are affected, the platform services continue to operate normally, and it recommends users check environment variable configurations and enable sensitive variable protection features.

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。