Vercel attack fallout expands to more customers and third-party systems

Vercel disclosed a breach originating from a Context.ai compromise in which Lumma Stealer infection enabled attackers to obtain tokens and keys, traverse Vercel internal systems, and exfiltrate customer data such as environment variables, source-code snippets, and databases; the stolen data is reportedly being sold and Mandiant is investigating while Vercel continues analysis of the impact and scope.