Vercel Breached: ShinyHunters Is Selling the Keys

Table of contents

On April 19, 2026, the threat actor ShinyHunters posted a verified listing on BreachForums offering access keys, source code, and internal databases from Vercel for $2 million USD.

Vercel confirmed the incident hours later in an official security bulletin.

This is not a data scrape or a credential dump. The listing explicitly advertises employee accounts with access to internal deployments, API keys, NPM tokens, and GitHub tokens. The attacker describes the potential for what they call "the largest supply chain attack ever if done right."

What Was Posted

The BreachForums listing, posted under the ShinyHunters administrator account, lays out the scope clearly.

ShinyHunters BreachForums listing advertising Vercel access keys, source code, and database access. The post highlights employee accounts, API keys, NPM tokens, and GitHub tokens.

The post claims access to multiple employee accounts with permissions spanning internal deployments, API keys (including NPM and GitHub tokens), and internal tooling. The attacker references Linear (Vercel's project management tool) as proof of access depth.

Extended listing showing internal user member system schema and $2M asking price. Contact details include XMPP, Telegram, and email. Updated April 19, 2026.

The second screenshot shows an internal user member system schema with fields including id, name, displayName, email, active, admin, guest, timezone, and timestamps. The asking price: $2 million USD, with contact via XMPP, Telegram, and encrypted email. A middleman is required for purchase.

Why This Matters Beyond Vercel

Vercel is not just a hosting platform. It is the creator and primary maintainer of Next.js, Turbo.js, and the broader @vercel ecosystem on NPM. Next.js alone pulls 6 million weekly downloads.

The attacker says it plainly: "You send one update with a payload, and it will hit every developer on the planet who runs an installation or updates a package."

This is not speculation. Stolen NPM tokens with publish access can push malicious versions to packages that millions of developers pull automatically. Stolen GitHub tokens can modify source repositories directly. The supply chain implications extend far beyond Vercel's own infrastructure.

For context, the 2020 SolarWinds breach compromised roughly 18,000 organizations through a single tainted update. The NPM ecosystem reaches orders of magnitude more developers than SolarWinds ever did.

Vercel's Response

Vercel acknowledged the incident in a tweet stating: "We've identified a security incident affecting our systems."

Their security bulletin notes that environment variables marked as "sensitive" in the Vercel dashboard are encrypted at rest and were not exposed. Non-sensitive environment variables should be rotated immediately.

Theo Browne provided an early breakdown: Linear and GitHub were hit, sensitive env vars are safe, but all non-sensitive env vars should be treated as compromised and rotated.

The community response on Hacker News has been critical. Developers are frustrated with what they describe as vague messaging, delayed notification, and a lack of actionable guidance on which specific tokens or keys may have been exposed.

Who Are ShinyHunters

ShinyHunters is a well-documented black-hat threat group that has been active since at least 2020. Their model is consistent: breach SaaS platforms, exfiltrate credentials and source code, then sell access or leak data when victims refuse to pay.

Their confirmed targets in 2026 alone include Cisco and Rockstar Games. Earlier operations hit Microsoft's private GitHub repositories, Tokopedia, Mashable, and dozens of others. The group operates with an administrator-level account on BreachForums, lending their listings additional visibility and perceived credibility within that ecosystem.

The Vercel listing is marked as [VERIFIED] by forum staff, meaning the data samples have been independently checked against Vercel's infrastructure.

What You Should Do Now

If you deploy on Vercel or use any @vercel NPM packages in your build pipeline, take these steps immediately:

  1. Rotate all non-sensitive environment variables in your Vercel dashboard. Anything not marked "sensitive" should be considered potentially exposed.
  2. Rotate GitHub tokens that have any connection to Vercel integrations or GitHub Apps authorized by Vercel.
  3. Audit your NPM lockfile. Check that package versions match expected hashes. Consider pinning exact versions and enabling npm audit in CI.
  4. Review Vercel GitHub App permissions. Remove or restrict the Vercel GitHub integration if you do not need automatic deployments.
  5. Monitor Vercel's security bulletin for updates on scope and remediation.
  6. Enable two-factor authentication on NPM, GitHub, and Vercel if not already active.

The Bigger Picture

The JavaScript ecosystem's dependency model means a single compromised token can cascade through millions of projects. This is not a theoretical risk. The event-stream incident in 2018, the ua-parser-js hijack in 2021, and the colors.js sabotage in 2022 all demonstrated how fragile the supply chain is.

What makes this different is scale. Vercel does not maintain a niche package. It maintains the most popular React framework on the planet and the build tooling that millions of production applications depend on daily.

The listing is live. The tokens may already be in someone's hands. The window for proactive defense is right now.

Stay in the loop New teardowns and guides, straight to your inbox. No spam.