On April 22, 2026, significant cybersecurity disclosures involving Salesforce and Vercel highlighted vulnerabilities in cloud configurations and third-party integrations. Educational publishing leader McGraw Hill confirmed that a data leak, initially reported earlier in the week, was the result of a Salesforce misconfiguration that has impacted multiple organizations. Simultaneously, cloud infrastructure provider Vercel provided an update on a security breach originating from a compromised third-party artificial intelligence tool, Context.ai, which was used by an employee.

The Salesforce-related incident gained prominence after the threat actor group ShinyHunters claimed to have exfiltrated 45 million records from the platform. McGraw Hill, which reported quarterly revenue of $434.2 million, identified unauthorized access to a limited set of data hosted on a specific Salesforce webpage. A spokesperson for McGraw Hill clarified that the incident did not involve unauthorized access to the company’s core Salesforce accounts, customer databases, or internal systems. The exposed data was described as non-sensitive, excluding Social Security numbers and financial information. Salesforce issued a statement clarifying that there is no indication of a platform-wide compromise, attributing the leak to implementation-specific misconfigurations rather than a vulnerability in its underlying technology.

Vercel’s disclosure centered on a supply chain attack involving Context.ai. An investigation revealed that a Vercel employee used a corporate Google Workspace account to access the AI tool via an OAuth connection. Attackers compromised Context.ai and leveraged the hijacked OAuth token to gain entry into Vercel’s internal environments. According to Vercel’s security bulletin, the unauthorized access was limited to environment variables not designated as sensitive. The company confirmed that sensitive variables are stored in an encrypted format and remained secure throughout the incident.

To manage the response, Vercel engaged cybersecurity firms Mandiant and CrowdStrike. In collaboration with industry partners such as GitHub, Microsoft, npm, and Socket, Vercel’s security team confirmed that no npm packages published by the company were compromised. While the platform remained fully operational, ShinyHunters has reportedly demanded a $2 million ransom for the allegedly stolen data. Vercel has since implemented product enhancements, including defaulting all new environment variables to a sensitive status to mitigate future risks.

Both Vercel and McGraw Hill have notified law enforcement and are continuing their respective investigations. Vercel has contacted a limited subset of customers whose credentials may have been exposed, recommending an immediate rotation of all secrets. These events underscore the critical nature of SaaS security posture management and the potential for lateral movement through trusted third-party OAuth integrations.