吴说区块链
吴说区块链|4月 21, 2026 02:34
According to WuShuo, Vercel's official statement confirms that after a joint investigation with GitHub, Microsoft, npmjs, and SocketSecurity, none of Vercel's npm packages were compromised in the recent security incident. Vercel stated that no evidence of tampering has been found, and their software supply chain remains secure. It’s reported that on April 19, Vercel confirmed unauthorized access to its internal systems. The breach occurred when attackers exploited Google Workspace OAuth credentials from a third-party AI tool (Context AI) used by one of their employees, gaining access to some non-sensitive environment variables. However, sensitive data was not affected. https://(wublock123.com)/news/vercel-data-breach-april-no-impact-on-npm-supply-chain-59859
Share To

HotFlash

APP

X

Telegram

Facebook

Reddit

CopyLink

Hot Reads