Vercel Breaches Escalate API Key Risks
Key Questions
What happened in the Vercel breach?
Vercel disclosed a breach where a hacker stole limited customer data from the developer tooling provider.
How did Context.ai expose API keys?
Context.ai exposed environment variables and API keys via Google Workspace. This incident highlights AI and supply-chain threats.
What risks do malicious npm packages pose?
Malicious packages like pgserve and automagik in the npm registry steal credentials, secrets, and infect packages, escalating API key risks.
Context.ai via Google Workspace exposed env vars/API keys, GitHub Node.js. AI/supply-chain threats; rotate/audit amid gateway pushes.
Sources (2)
Updated Apr 23, 2026