{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreidzptztsbfffwu3mlg27cryxg6x2i6z7dnxwgfflr4ysil4rhlapa",
    "uri": "at://did:plc:ax37ypwwfpozwkc552d7scv5/app.bsky.feed.post/3mk2rmpbao5h2"
  },
  "path": "/threads/vercel-hacked.2634466/",
  "publishedAt": "2026-04-22T05:08:33.000Z",
  "site": "https://forums.anandtech.com",
  "tags": [
    "Security",
    "Read more"
  ],
  "textContent": "> $2M in Bitcoin for Vercel's source code, database, and GitHub tokens.\n>  That's the price tag on this dark web listing. Posted yesterday.\n>  Vercel is a $9.3B company that powers millions of production websites and maintains Next JS (6M downloads every week).\n>  How did attackers get in?\n>  ONE Vercel employee was using a small third-party AI tool called Context AI.\n>  That AI tool had a Google Workspace OAuth grant. The AI tool got compromised. Attackers took over the employee's Google Workspace.\n>  Pivoted into Vercel's internal environments. Enumerated environment variables marked \"non-sensitive.\" Escalated access. Walked out with 580 employee records as proof.\n>  Vercel's CEO Guillermo Rauch described the attackers as \"highly sophisticated, and I strongly suspect significantly accelerated by AI.\"\n>  This is the new attack surface.\n>  Every AI tool your team has connected to Gmail, Drive, Slack, or your CRM is a potential backdoor into your entire business.\n>  Most founders have no idea how many OAuth...\n>\n> Click to expand...\n\n\nRead more",
  "title": "Vercel hacked"
}