Vercel CEO: The hacker's activities extend far beyond the initial intrusion; other suspected victims have been notified to rotate their credentials.

CoinFeed reported on April 23 that Vercel CEO Guillermo Rauch released an update on the security investigation, stating that the team has processed nearly 1 PB of network and API logs, extending the investigation far beyond the initial Context.ai intrusion incident. The investigation revealed that the threat actors' activities have extended beyond the startup, distributing malware to computers to steal Vercel accounts and other service provider keys. Once they obtained the keys, the attackers immediately made rapid and comprehensive API calls, focusing on enumerating non-sensitive environment variables. Vercel has deepened and expanded its collaboration with industry partners such as Microsoft, AWS, and Wiz, and has notified other suspected victims to rotate credentials and adopt best practices.