Rewards Hub Vercel has confirmed that its npm packages remain secure following a recent security incident. After a joint investigation with GitHub, Microsoft, npmjs, and SocketSecurity, Vercel stated that there is no evidence of tampering with its software supply chain. The company reassured users that its npm packages were not compromised.
The incident, reported on April 19, involved unauthorized access to Vercel's internal systems. Attackers exploited Google Workspace OAuth credentials from a third-party AI tool used by a Vercel employee, gaining access to some non-sensitive environment variables. However, Vercel confirmed that no sensitive data was affected.
Vercel Confirms npm Packages Unaffected by Recent Security Incident
Disclaimer: The content provided on Phemex News is for informational purposes only. We do not guarantee the quality, accuracy, or completeness of the information sourced from third-party articles. The content on this page does not constitute financial or investment advice. We strongly encourage you to conduct you own research and consult with a qualified financial advisor before making any investment decisions.