
Vercel's Security Challenges in 2025-2026: What Happened and Why It Matters


By Martin Holloway. Published 3 weeks ago. Based on 12 sources.

Vercel, a popular platform for deploying web applications, faced a series of security incidents between late 2025 and early 2026. These ranged from attacks on software packages to vulnerabilities in its Next.js framework (a tool developers use to build web apps) to unauthorized access to internal systems. The incidents offer a window into how security threats cascade through modern web infrastructure and what this means for developers and companies relying on these tools.

The npm Supply Chain Attack and DuckDB

On September 8, 2025, Vercel disclosed a critical attack on npm — the package manager (essentially a library of pre-built code) that millions of developers use daily. The attack extended to DuckDB-related packages the next day.

Here's what happened: someone gained unauthorized access to an administrative account for DuckDB, an analytical database system increasingly used by data engineers. With admin credentials in hand, attackers can inject malicious code into software packages that developers then unknowingly download and install. Vercel documented the incident in real time, showing how modern supply chain compromises spread through dependency networks — imagine contaminated water entering a city's pipes and flowing to thousands of homes at once.

DuckDB's prominence made it a valuable target. Because many organizations depend on it for analytics work, compromising it could affect companies across entire industries.

The Next.js Middleware Vulnerability

A more drawn-out security problem emerged with Next.js, Vercel's own JavaScript framework. On February 27, 2025, a researcher privately reported a vulnerability to the Next.js team: a flaw that allowed the framework's middleware system (middleware is code that runs before a request reaches your application's main logic) to be bypassed entirely.

The company formally responded six days later, on March 5, 2025 — a reasonable timeline, but it highlights the coordination challenges in JavaScript ecosystems. Vercel then released patches in stages: Next.js 13.5.9 got its fix on March 22, followed by Next.js 12.3.5 on March 23. The postmortem provides full details.

This staggered approach reflects a real-world challenge: the company maintains security fixes across multiple major versions of its framework, each running in millions of applications worldwide. For organizations using older versions, the upgrade path became complicated and risky.

Why does this matter? Middleware often handles critical security tasks — checking whether a user is logged in, validating requests, or filtering access. If middleware can be bypassed, an attacker might be able to reach parts of an application they shouldn't access.

How Vercel Changed Its Security Reporting

After the middleware incident, Vercel simplified where security researchers should report problems. The company shut down its dedicated security email addresses (security@vercel.com and responsible.disclosure@vercel.com) and directed all Next.js security reports exclusively to GitHub's built-in private reporting system.

Analysis: This consolidation makes sense from an operational standpoint — one channel instead of multiple reduces confusion and speeds up internal routing. However, it also creates a dependency: researchers must use GitHub to report issues. For security teams at organizations with strict policies against GitHub, or researchers who prefer email disclosure, this creates friction.

The Broader Threat Climate

The Vercel incidents occurred amid a wave of supply chain and application attacks throughout 2025. A hacker group called ShinyHunters, active since 2019, significantly ramped up operations. Beginning in September 2025, they claimed responsibility for stealing data from companies using Salesforce's Experience Cloud platform, targeting organizations with weak security settings around guest user access. Details are available from reporting on the Salesforce incident.

ShinyHunters also runs an underground forum where stolen data is traded. This group exemplifies how modern cybercriminals diversify — they attack cloud platforms, exploit misconfigurations, and operate infrastructure for selling compromised data.

Media organizations weren't spared either. Agence France-Presse (AFP) detected an attack on its IT systems in 2025 that affected its news distribution service. AFP confirmed the incident, illustrating that critical information services are high-value targets during periods of global tension.

April 2026: System Access Breach

In April 2026, Vercel disclosed unauthorized access to some of its internal systems. The company has shared limited details in a security bulletin, but the timing suggests that cloud infrastructure providers remain targets for sophisticated attackers.

Worth flagging: Vercel hasn't publicly disclosed exactly what was accessed or how many systems were affected. Given that Vercel hosts applications for millions of users — including many enterprise customers — the scope of this incident warrants close attention from anyone running critical workloads on the platform.

Compliance and Security Updates

Throughout this period, Vercel maintained its certifications for handling payment card data (PCI DSS compliance), including updated documentation in 2024 and 2025. The company also expanded its security documentation to cover AI product services, reflecting how cloud platforms now integrate with a much broader ecosystem of tools and services.

One claim circulated about Vercel paying $1 million to security researchers for hardening against something called "React2Shell," but this hasn't been confirmed by the company and appears in sources of questionable reliability.

What This Means for Developers and Organizations

For anyone running applications on Vercel or using Next.js in production, this sequence of events carries practical implications.

The middleware bypass was particularly serious because many applications rely on middleware for core security functions — verifying that users are logged in, checking permissions, or filtering what data users can access. If middleware can be circumvented, attackers can reach sensitive parts of your application.
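The practical defense against the risk described here and in the middleware section above is defense in depth: a route handler should not assume the middleware ran. The following is an added example, not Next.js or Vercel code, and it models the request pipeline in a few plain functions rather than the framework's real API. The session store, the bearer tokens, the `/admin/` route and the `middlewareRuns` switch (which stands in for any condition under which the middleware step does not execute, without modelling how) are all constructed for illustration.

```javascript
// Added example, not Next.js or Vercel code: a minimal model of a request pipeline
// in which middleware runs before the route handler. It shows that a handler which
// trusts middleware alone returns protected data whenever the middleware step is
// skipped, and that re-checking authorization in the handler limits the damage.
// The session table, tokens and routes are constructed for illustration.

// Constructed session store: bearer token -> session.
const SESSIONS = {
  "token-alice": { user: "alice", role: "user" },
  "token-ops": { user: "ops", role: "admin" },
};

// Resolve the caller's session from the Authorization header, or null.
function authenticate(req) {
  const header = req.headers["authorization"] || "";
  const token = header.startsWith("Bearer ") ? header.slice("Bearer ".length) : null;
  return token !== null && SESSIONS[token] !== undefined ? SESSIONS[token] : null;
}

// Shared authorization rule; `where` only labels which layer produced the denial.
function requireAdmin(req, where) {
  const session = authenticate(req);
  if (session === null) return { status: 401, body: `authentication required (${where})` };
  if (session.role !== "admin") return { status: 403, body: `forbidden (${where})` };
  return null; // authorized
}

// Middleware guarding everything under /admin/. In the weak design it is the only gate.
function authMiddleware(req) {
  return req.path.startsWith("/admin/") ? requireAdmin(req, "middleware") : null;
}

// Weak handler: assumes the middleware has already vetted the caller.
function adminHandlerTrustingMiddleware(req) {
  return { status: 200, body: "admin-only data" };
}

// Hardened handler: re-derives authorization from the request itself, so a skipped
// or bypassed middleware step does not expose the data.
function adminHandlerDefenseInDepth(req) {
  const denied = requireAdmin(req, "handler");
  return denied !== null ? denied : { status: 200, body: "admin-only data" };
}

// Pipeline. `middlewareRuns: false` stands for any condition under which the
// middleware step does not execute for a request; the mechanism is not modelled.
function handle(req, handler, { middlewareRuns = true } = {}) {
  if (middlewareRuns) {
    const early = authMiddleware(req);
    if (early !== null) return early;
  }
  return handler(req);
}

// Outcomes (HTTP status) for requests to an admin route under each design.
function outcomeMatrix() {
  const anon = { path: "/admin/users", headers: {} };
  const user = { path: "/admin/users", headers: { authorization: "Bearer token-alice" } };
  const admin = { path: "/admin/users", headers: { authorization: "Bearer token-ops" } };
  return {
    weakWithMiddleware: handle(anon, adminHandlerTrustingMiddleware).status,
    weakWithoutMiddleware: handle(anon, adminHandlerTrustingMiddleware, { middlewareRuns: false }).status,
    hardenedWithoutMiddleware: handle(anon, adminHandlerDefenseInDepth, { middlewareRuns: false }).status,
    hardenedAdminWithoutMiddleware: handle(admin, adminHandlerDefenseInDepth, { middlewareRuns: false }).status,
    userRoleForbidden: handle(user, adminHandlerDefenseInDepth).status,
  };
}

console.log(outcomeMatrix());
```

The matrix makes the point concrete: with the weak handler, the only difference between a 401 and a 200 for an anonymous caller is whether the middleware happened to run; with the hardened handler the outcome is the same either way. Keeping `requireAdmin` as one shared function also avoids the two layers drifting apart over time.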

The npm supply chain attacks underscore why developers need to scan their dependencies — not just the packages they explicitly install, but also the packages those packages depend on, recursively. Without visibility into this dependency tree, you might unknowingly be running code from compromised packages like DuckDB.
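A concrete way to get that visibility is to read the lockfile rather than the top level of `node_modules`, because npm's lockfile (version 2 or 3) records every installed copy of every package, including copies nested under other packages. The script below is an added example, not Vercel's, npm's or DuckDB's code. The lockfile it parses is constructed inline, and the advisory list uses a placeholder package name (`example-db-client`) and version rather than any real compromised release; in practice the list would come from a vendor advisory or a vulnerability database.

```javascript
// Added example (not Vercel's, npm's or DuckDB's code): scan an npm lockfile
// (lockfileVersion 2 or 3, which carry a "packages" map keyed by install path)
// and flag every installed package, direct or transitive, whose version is on
// a list of known-compromised releases. The lockfile and the advisory list are
// constructed for illustration; "example-db-client" is a placeholder name.

const SAMPLE_LOCKFILE = JSON.stringify({
  name: "my-app",
  lockfileVersion: 3,
  packages: {
    "": { dependencies: { "web-framework": "^1.0.0", "analytics-sdk": "^2.0.0" } },
    "node_modules/web-framework": {
      version: "1.4.2",
      dependencies: { "example-db-client": "^0.9.0" },
    },
    // hoisted copy, satisfies web-framework
    "node_modules/example-db-client": { version: "0.9.1" },
    "node_modules/analytics-sdk": {
      version: "2.1.0",
      dependencies: { "example-db-client": "^1.0.0" },
    },
    // second copy nested under analytics-sdk because it needs a newer major version;
    // a scan of top-level node_modules entries alone would never see it
    "node_modules/analytics-sdk/node_modules/example-db-client": { version: "1.0.3" },
    "node_modules/tiny-util": { version: "3.0.0", dev: true },
  },
});

// Placeholder advisory (hypothetical package and version, not a real advisory).
const COMPROMISED = {
  "example-db-client": new Set(["1.0.3"]),
};

// "node_modules/a/node_modules/b" -> "b"; scoped names keep their "@scope/name" form.
function packageNameFromPath(lockPath) {
  const marker = "node_modules/";
  const idx = lockPath.lastIndexOf(marker);
  return idx === -1 ? lockPath : lockPath.slice(idx + marker.length);
}

// Nesting chain from the install path: ["analytics-sdk", "example-db-client"].
// A one-element chain means the package is hoisted to the top level.
function nestingChain(lockPath) {
  return lockPath.replace(/^node_modules\//, "").split("/node_modules/");
}

// Every installed package at any depth (root entry "" excluded).
function installedPackages(lockfileText) {
  const lock = JSON.parse(lockfileText);
  if (!lock.packages) {
    throw new Error("lockfileVersion 1 has no packages map; regenerate with npm 7 or newer");
  }
  return Object.entries(lock.packages)
    .filter(([lockPath]) => lockPath !== "")
    .map(([lockPath, meta]) => ({
      name: packageNameFromPath(lockPath),
      version: meta.version,
      path: lockPath,
      chain: nestingChain(lockPath),
      dev: Boolean(meta.dev),
    }));
}

// Findings: installed packages whose exact version appears in the advisory.
function findCompromised(lockfileText, advisory = COMPROMISED) {
  return installedPackages(lockfileText).filter(
    (pkg) => advisory[pkg.name] !== undefined && advisory[pkg.name].has(pkg.version)
  );
}

for (const hit of findCompromised(SAMPLE_LOCKFILE)) {
  console.log(`${hit.name}@${hit.version} via ${hit.chain.join(" > ")} (${hit.path})`);
}
```

In the sample the hoisted `example-db-client@0.9.1` is clean, but the nested `1.0.3` copy pulled in by `analytics-sdk` is on the advisory list, which is exactly the case a top-level-only check misses. Matching on exact versions is deliberate: a compromised release is a specific published version, and a range match would produce noise. Dev-only packages are reported too, since build tooling runs the same install scripts as runtime dependencies.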

In this author's view: The concentration of multiple serious security incidents around a single platform raises a broader question about risk. Vercel handled these incidents transparently, which is the right approach, but the frequency suggests that organizations should think carefully about how much of their infrastructure depends on any single provider. The company's move to GitHub-centric security reporting may streamline their internal processes, but it also means enterprise security teams need to ensure their incident response workflows can accommodate this change without introducing delays.

As cloud platforms have become the foundation of modern web infrastructure, their security incidents ripple outward to affect entire segments of the industry. The Vercel incidents illustrate this pattern clearly: a breach in one supply chain, a flaw in one framework, a compromise of internal systems — each affects thousands of organizations downstream. Both cloud providers and the teams running applications on them need to account for this interconnected reality in how they approach security.