Vercel, the cloud platform for frontend developers, officially disclosed a significant security incident on April 23, 2026, originating from a compromise of Context.ai, a third-party artificial intelligence tool used by the company. According to a technical bulletin released by Vercel’s security team, the breach allowed unauthorized actors to gain access to internal systems and subsequently compromise a subset of customer accounts. The incident was first detected at 08:15 UTC when automated monitoring systems flagged unusual administrative activity within the Vercel Dashboard.

The investigation revealed that the intrusion began with a credential-stuffing attack against a Vercel employee’s account on Context.ai, a platform used for analyzing large language model interactions. Because the employee had used a single-sign-on token that lacked hardware-based multi-factor authentication for that specific third-party integration, the attackers were able to pivot from the Context.ai environment into Vercel’s internal staging infrastructure. From there, the threat actors extracted sensitive configuration data, including environment variables and authentication tokens, for approximately 1,200 Enterprise and Pro tier customers.

Vercel confirmed that the breach persisted for approximately four hours before the affected internal access tokens were revoked. Technical logs indicate that the attackers focused on projects utilizing Next.js version 14.2 and higher, specifically targeting those with active integrations to external database providers. While the core Vercel production infrastructure and the Vercel Edge Network remained uncompromised, the exposure of environment variables potentially allowed the attackers to access third-party services linked to the affected customer projects.

In an official statement, Vercel’s Chief Information Security Officer said that the company has since rotated all internal credentials and implemented a mandatory hardware-key multi-factor authentication policy for all third-party software-as-a-service integrations. Vercel has also disabled the integration with Context.ai indefinitely while a full forensic audit is conducted. Affected customers were notified via the Vercel Dashboard and email by 12:00 UTC, with instructions to rotate their own secrets and environment variables immediately.

Context.ai also issued a statement on April 23, confirming that they are investigating a broader security flaw in their session management protocol that may have contributed to the unauthorized access. They reported that their version 2.4.1 update, released earlier in the week, contained a vulnerability in how OAuth tokens were cached. Vercel is currently working with external cybersecurity firms to determine if any data exfiltration occurred beyond the identified environment variables. No evidence has yet been found of unauthorized changes to customer source code or deployment pipelines.