Posted by queenelvis 1 day ago

The Vercel breach: OAuth attack exposes risk in platform environment variables(www.trendmicro.com)
Vercel April 2026 security incident - https://news.ycombinator.com/item?id=47824463 - April 2026 (485 comments)

A Roblox cheat and one AI tool brought down Vercel's platform - https://news.ycombinator.com/item?id=47844431 - April 2026 (145 comments)

354 points | 115 comments
page 4
semiquaver 22 hours ago|
I’m sure this has been said before, but the new part to me is that the initial breach happened 22 months ago and has been sitting undetected that whole time. This really looks quite bad for Vercel’s security posture.
rvz 16 hours ago||
If I were to interview someone and I see that they use Vercel, I'd immediately reject them.

OAuth is another flawed standard, as I said before, and this attack clearly shows that.

pphysch 1 day ago||
Security-by-obfuscation is ridiculed but I'm a firm believer that preventing yourself from getting owned when someone is able to type 3 letters `env` is a worthy layer of defense. Even if those same secrets are unencrypted somewhere else on the same system, at least make them spend a bunch of time crawling through files and such.
Quarrelsome 1 day ago|
It's ridiculed because it's no protection on its own when an attacker is motivated. It's fine to add as an additional layer, though, if you want to make your space mildly custom to protect against broader attacks.

I don't see how it's necessarily relevant to this attack, though. These guys were storing creds in the clear and assuming actors within their network were "safe", weren't they?

pphysch 1 day ago||
TFA cites "env var enumeration", likely implying someone got somewhere they shouldn't and typed 3 characters, as the critical attack that led to customers getting compromised.

My point is sensitive secrets should literally never be exported into the process environment, they should be pulled directly into application memory from a file or secrets manager.

It would still be a bad compromise either way, but you have a fighting chance of limiting the blast radius if you aren't serving secrets to attackers on an env platter, which could be the first three characters they type once they've established access.

kstrauser 22 hours ago|||
The following is based on my interpretation of information that's been made public:

A Vercel user had their Google Workspace compromised.

The attacker used the compromised workspace to connect to Vercel, via Vercel's Google sign-on option.

The attacker, properly logged into the Vercel console as an employee of that company, looked at the company's projects' settings and peeked at the environment variables section, which lists a series of key:value pairs.

The user's company had not marked the relevant environment variables as "sensitive", which would have hidden their values from the logged-in attacker. Instead of

  DATABASE_PASSWORD: abcd_1234 [click here to update]
it would have shown:

  DATABASE_PASSWORD: ****** [click here to update]
with no way to reveal the previously stored value.

And that's how the attacker enumerated the env vars. They didn't have to compromise a running instance or anything. They used their improperly acquired but valid credentials to log in as a user and look at settings that user had access to.
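
A small model of the settings view described above, added here as an example and not code from Vercel or from the commenter: a variable marked sensitive renders masked, while an unmarked one shows its stored value to anyone logged in. The audit function flags variables whose names look like secrets but were never marked sensitive; the name pattern and the sample project settings are constructed for the example.

```python
import re
from dataclasses import dataclass

# Constructed heuristic: names that should always be stored as sensitive.
SECRET_NAME_RE = re.compile(r"(PASSWORD|SECRET|TOKEN|API_KEY|PRIVATE_KEY)", re.I)


@dataclass
class EnvVar:
    name: str
    value: str
    sensitive: bool = False


def render(var: EnvVar) -> str:
    """What a logged-in user sees on the settings page: the real value is
    shown only when the variable was not marked sensitive."""
    shown = "******" if var.sensitive else var.value
    return f"{var.name}: {shown} [click here to update]"


def exposed_secrets(env: list[EnvVar]) -> list[str]:
    """Audit check: secret-looking names whose values are readable in the UI,
    i.e. the configuration that let valid-but-stolen credentials read them."""
    return [v.name for v in env if not v.sensitive and SECRET_NAME_RE.search(v.name)]


# Constructed sample project settings (placeholder values only).
PROJECT_ENV = [
    EnvVar("DATABASE_PASSWORD", "abcd_1234"),            # readable by any member
    EnvVar("STRIPE_SECRET_KEY", "sk_placeholder", sensitive=True),
    EnvVar("NEXT_PUBLIC_API_URL", "https://api.example.test"),
]

if __name__ == "__main__":
    for v in PROJECT_ENV:
        print(render(v))
    print("unmasked secrets:", exposed_secrets(PROJECT_ENV))
```

Running it prints the first variable in the clear, the second masked, and reports `DATABASE_PASSWORD` as the one that should have been marked sensitive.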

dboreham 21 hours ago||
Astonishing that high damage actions were authorized by authentication delegated to Google and furthermore not subject to hard token 2FA.
lbarrow 1 day ago||||
I don't think that's what the attacker did here. Vercel is a PaaS product where other developers run apps. The enumerated environment variables were the env vars of Vercel's customers, which Vercel likely stores in a long-term data store. Rather than running `env` on a Linux box somewhere, the attacker may have just accessed that data store.
forrestthewoods 20 hours ago||
I hate environment variables. I hate them so so so much. I can’t think of a single time I would prefer an envvar to a config file.

They’re somewhat necessary when dealing with Docker. But I also hate Docker. So it’s not surprising when one bad design pattern leads to another.

I suppose maybe envvars make sense when dealing with secrets? I’m not sure. I don’t do any webdev. So not sure what’s least bad solution there.
