Hack at Vercel sends crypto developers scrambling to lock down API keys

Breach tied to compromised AI tool may have exposed credentials used by app frontends, the user-facing layer that connects web3 wallets and trading interfaces to backend services.

What to know:

Web infrastructure provider Vercel disclosed a security breach that may have exposed customer API keys, prompting crypto projects to rotate credentials and review their code.Vercel traced the intrusion to a compromised Google Workspace connection via third-party AI tool Context.ai, but said environment variables marked as sensitive are stored in a way that prevents them from being read and there is no evidence they were accessed.The incident is drawing particular scrutiny because many Web3 teams, including Solana-based exchange Orca, host critical wallet interfaces and dashboards on Vercel, though Orca said its on-chain protocol and user funds were not affected.