Vercel has disclosed a second wave of compromised customer accounts that is independent of the April 19 Context.ai supply chain attack that first put the platform in the news. The company said it uncovered the additional compromises after expanding its investigation to include a broader set of indicators — reviewing network requests and environment variable read events in its logs. [1]

The paper's Tuesday brief on the OAuth incident read the post-disclosure quiet as silence; today's reporting recasts it as ongoing investigation. Vercel was not declining to speak — it was still expanding the indicator set and finding more. What it found is more troubling than an extension of the known breach. The company said these additional accounts showed evidence of prior compromise potentially resulting from social engineering, malware, or other methods — meaning the attacker or attackers in this wave may have had nothing to do with Context.ai at all. [1][2]

The original incident involved a Context.ai compromise that allowed an attacker to access a Vercel employee's Google Workspace account, then pivot into Vercel's environment and decrypt non-sensitive environment variables. The second wave predates that incident. Vercel has not disclosed how many customers are newly affected, only that it has notified those known to be impacted. [1] That phrase — "known to be impacted" — is doing significant work. It implies the full scope is not yet determined. For a platform that hosts production infrastructure for thousands of companies, the distinction between a supply chain breach and a separate social-engineering campaign matters less than the accumulating evidence that Vercel's perimeter held two different holes at the same time.

-- THEO KAPLAN, San Francisco