Vercel hacked: third-party AI tool served as the attack entry point, some customer data affected

Posted by qimuai | First-hand compilation

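Source: https://www.theverge.com/tech/914723/vercel-hacked

Summary:

Vercel, a well-known cloud development platform, was recently hit by a hacker attack; some user data was stolen and put up for sale. The attacker, who claims to belong to the "ShinyHunters" group that recently breached Rockstar Games, has leaked data online including employee names, email addresses and activity timestamps.

Vercel published a statement on the social media platform X confirming that a "security incident" had occurred, affecting a "small group of customers". The investigation shows that the attack originated from the hijacked Google Workspace OAuth application of a third-party AI tool, and that the vulnerability may affect users at hundreds of organizations.

The platform advises administrators to immediately review their activity logs for anomalous behavior and to rotate sensitive credentials such as environment variables. It also calls on Google Workspace administrators and account owners to check whether they use the application involved, and has published related threat indicators for industry-wide collaborative investigation. The company has not yet disclosed the name of the third-party tool involved.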

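Chinese translation (rendered here in English):

Vercel, a major platform for hosting and deploying web applications, recently suffered a security breach, and the hackers are attempting to sell the stolen data. A person claiming to be a member of ShinyHunters, the group behind the recent Rockstar Games breach, posted some of the data online, including employee names, email addresses and activity timestamps. Vercel confirmed in a post on X that a "security incident" had occurred and said its impact was limited to a "specific group of customers". The company said the attack stemmed from a compromised third-party AI tool, but did not specify which third party was involved.

Cloud development platform Vercel was hacked
The company says the attack originated from a compromised "third-party AI tool"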

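Vercel advises administrators to review their activity logs for suspicious behavior, and also suggests steps such as "reviewing and rotating environment variables" as an additional precaution in case API keys, tokens or other sensitive data were exposed. It closed its security bulletin with the statement:

Our investigation found that this incident originated from a third-party AI tool whose Google Workspace OAuth application had an extensive security vulnerability, which may have affected many users across hundreds of organizations.

We are publishing the following indicators of compromise to help the wider user community investigate and screen for potential malicious activity in their environments. We recommend that Google Workspace administrators and Google account owners immediately check whether they have used this application.

English source: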

Vercel, a major development platform that hosts and deploys web apps, was compromised, and the hackers are attempting to sell stolen data. A person claiming to be a member of ShinyHunters, which was behind the recent hack of Rockstar Games, posted some data online, including employee names, email addresses, and activity time stamps. Vercel confirmed in a post on X that a “security incident” had occurred, and that it impacted a “limited subset” of its customers. Vercel said that a compromised third-party AI tool was the avenue for attack, though it did not specify which third-party was involved.
Cloud development platform Vercel was hacked
The company says the attack originated from a compromised “third-party AI tool.”
Vercel encouraged administrators to review their activity logs for suspicious activity. It also suggested taking steps to “review and rotate environmental variables” as an extra precaution in case API keys, tokens, or other sensitive data were exposed. It ended its security bulletin by saying:
Our investigation has revealed that the incident originated from a third-party AI tool whose Google Workspace OAuth app was the subject of a broader compromise, potentially affecting hundreds of its users across many organizations.
We are publishing the following IOC to support the wider community in the investigation and vetting of potential malicious activity in their environments. We recommend that Google Workspace Administrators and Google Account owners check for usage of this app immediately.
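
One way to carry out the recommended check for usage of the app, as an added example that is not part of the article or of Vercel's bulletin: it reads exported Google Workspace OAuth token audit events and reports which users granted a given OAuth client, with which scopes, and whether the grant is still live. The event shape is assumed to follow the Admin SDK Reports API `token` activity format; the client ID is a placeholder because the published IOC is not reproduced on this page, and the sample events are constructed.

```python
import json

# Placeholder: the IOC published in the bulletin is not reproduced on this page.
SUSPECT_CLIENT_ID = "PLACEHOLDER-CLIENT-ID.apps.googleusercontent.com"

# Constructed sample, shaped like Admin SDK Reports API "token" activities
# (the API returns newest first; the function sorts by time itself).
SAMPLE = json.loads("""{"items": [
 {"id": {"time": "2026-01-07T10:00:00Z"}, "actor": {"email": "dev3@example.com"},
  "events": [{"name": "revoke", "parameters": [
    {"name": "client_id", "value": "PLACEHOLDER-CLIENT-ID.apps.googleusercontent.com"}]}]},
 {"id": {"time": "2026-01-06T08:30:00Z"}, "actor": {"email": "dev2@example.com"},
  "events": [{"name": "authorize", "parameters": [
    {"name": "client_id", "value": "other-app.apps.googleusercontent.com"},
    {"name": "scope", "multiValue": ["openid"]}]}]},
 {"id": {"time": "2026-01-05T09:12:00Z"}, "actor": {"email": "dev1@example.com"},
  "events": [{"name": "authorize", "parameters": [
    {"name": "client_id", "value": "PLACEHOLDER-CLIENT-ID.apps.googleusercontent.com"},
    {"name": "scope", "multiValue": ["https://www.googleapis.com/auth/drive.readonly"]}]}]},
 {"id": {"time": "2026-01-04T14:45:00Z"}, "actor": {"email": "dev3@example.com"},
  "events": [{"name": "authorize", "parameters": [
    {"name": "client_id", "value": "PLACEHOLDER-CLIENT-ID.apps.googleusercontent.com"},
    {"name": "scope", "multiValue": ["https://mail.google.com/"]}]}]}
]}""")

def _params(event):
    """Flatten an event's parameter list into {name: value or list of values}."""
    return {p["name"]: p.get("multiValue") or p.get("value")
            for p in event.get("parameters", [])}

def grants_for_app(activities, client_id):
    """Per user: scopes ever granted to client_id and whether the grant is still live."""
    users = {}
    for act in sorted(activities.get("items", []), key=lambda a: a["id"]["time"]):
        email = act.get("actor", {}).get("email", "unknown")
        for ev in act.get("events", []):
            params = _params(ev)
            if params.get("client_id") != client_id:
                continue
            u = users.setdefault(email, {"active": False, "scopes": set()})
            u["last_seen"] = act["id"]["time"]
            if ev["name"] == "authorize":
                u["active"] = True
                u["scopes"].update(params.get("scope") or [])
            elif ev["name"] == "revoke":
                u["active"] = False
    return users

if __name__ == "__main__":
    for email, info in grants_for_app(SAMPLE, SUSPECT_CLIENT_ID).items():
        print(email, "ACTIVE" if info["active"] else "revoked", sorted(info["scopes"]))
```

Users whose grant shows as revoked still belong in the review, since the scopes list records what the app could reach while the grant was live.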
