律动BlockBeats|4月 19, 2026 15:32
[Analysis: Vercel Attacked, Suspected Internal Data Stolen by Notorious Hacker, Claimed Usable for Global Supply Chain Attacks]
BlockBeats News, April 19 — According to a retweet by SlowMist Technology Chief Information Security Officer 23pds, 'Unauthorized access to the internal systems of cloud hosting platform Vercel' is suspected to be related to internal data leakage. Previously, an account claiming to belong to the notorious hacker group ShinyHunters was selling Vercel's internal data for $2 million. The data for sale includes Vercel's internal database, access keys, source code, employee accounts (including internal deployment permissions), API keys, NPM tokens, GitHub tokens, and more, claiming it could be used for global supply chain attacks (Vercel owns ecosystems like Next.js and Turbo.js, with Next.js having a weekly download volume of 6 million).
Screenshots disclosed by the hackers show internal data packages covering Vercel's internal Linear system and internal user management system. Previously, Vercel's official team had contacted ShinyHunters via Telegram, requesting them to stop harassing employees, indirectly confirming that Vercel is aware of the incident.
Share To
Timeline
HotFlash
APP
X
Telegram
CopyLink