Vercel Probes Breach After Hackers Claim Sale Of Customer Data - 18 hours ago

Cloud hosting provider Vercel is investigating a security breach after hackers claimed they stole sensitive customer data and are selling it on an online cybercrime forum. The incident has raised fresh concerns about the security of software supply chains that underpin much of the modern web.

Vercel said the intrusion began outside its own infrastructure, tracing the breach to software maker Context AI. According to the company, a Vercel employee installed a Context AI app and linked it to their corporate Google account using OAuth, a common protocol that lets users grant third-party apps access to their accounts without sharing passwords.

Attackers allegedly abused that OAuth connection to seize control of the employee’s Google account, then pivoted into Vercel’s internal systems. From there, they accessed some unencrypted credentials and other internal resources, exposing data tied to customer applications.

Vercel has notified affected customers whose app data and keys were compromised and urged broader caution. Chief executive Guillermo Rauch publicly advised all customers to rotate any deployment keys and credentials, including those previously labeled as non-sensitive, to limit potential fallout.

The company stressed that its flagship open-source projects, Next.js and Turbopack, were not impacted. Those frameworks are widely used by developers to build and optimize web applications, and any compromise could have had far-reaching consequences across the internet.

The identity of the attackers remains unclear. A threat actor advertising the stolen data on a criminal forum claimed to be associated with the ShinyHunters group and offered what they described as access to customer API keys, source code, and database contents taken from Vercel. ShinyHunters, which has a history of targeting cloud and database platforms, has publicly denied involvement.

Vercel has said little beyond confirming the investigation and pointing to Context AI as the origin of the breach. The company warned that the incident could affect hundreds of users across multiple organizations, suggesting the potential for downstream compromises if stolen credentials are reused elsewhere.

Context AI, which provides evaluation and analytics tools for AI models, has acknowledged a breach involving its Office Suite consumer app. The company now believes attackers likely obtained OAuth tokens for some users, expanding the scope of the incident beyond its initial assessment.

Key questions remain unanswered, including how many Vercel customers are affected, whether any ransom demands were made, and why Context AI did not more fully disclose the earlier breach when it occurred.
