Vercel Archives • Information Security News

Open Proxy Risk: High-Severity Next.js SSRF Flaw Exposes Cloud Metadata Endpoints nextjs

Open Proxy Risk: High-Severity Next.js SSRF Flaw Exposes Cloud Metadata Endpoints

ddos May 18, 2026

The development framework Next.js has remediated a critical security vulnerability, designated as CVE-2026-44578, which afflicts applications deployed...

The AI Weak Link: How a Third-Party Breach Exposed Vercel Customer Secrets SitusAMC Mortgage Breach LG Energy Solution Ransomware Somalia Visa Breach Knownsec Leak Scattered LAPSUS$ Hunters Shadow AI Leakage Data Broker Document leak

SitusAMC Mortgage Breach LG Energy Solution Ransomware Somalia Visa Breach Knownsec Leak Scattered LAPSUS$ Hunters Shadow AI Leakage Data Broker Document leak

The AI Weak Link: How a Third-Party Breach Exposed Vercel Customer Secrets

ddos April 21, 2026

The month of April concluded for the American firm Vercel with a distressing incident that precipitously transcended...

The Trojan in the Sidebar: How an Abandoned App Turned the Official Microsoft Store into a Phishing Engine

ddos February 16, 2026

Researchers have documented the inaugural instance of a deleterious Microsoft Outlook extension proliferating through the official Office...

The Ghost Window: Trellix Warns of “Perfect” Facebook Phishing Traps

ddos January 14, 2026

Adversaries have intensified their offensives against Facebook users by deploying one of the most inconspicuous and treacherous...

React2Shell Saga Continues: New DoS Flaw & Source Code Leak Discovered in React Server Components

ddos December 15, 2025

The long-running React2Shell saga—which has continued to disrupt many web projects—has taken another turn: it has emerged...

Vercel

The Trojan in the Sidebar: How an Abandoned App Turned the Official Microsoft Store into a Phishing Engine

React2Shell Saga Continues: New DoS Flaw & Source Code Leak Discovered in React Server Components

You may have missed

The War for Your Documents: Why The Document Foundation is Challenging Microsoft’s OOXML Monopoly

Urgent Patch: Microsoft Defender Update Fixes Critical SYSTEM-Level Privilege Escalation Flaw

The Pre-Boot Breach: Microsoft Releases Critical Emergency Script to Defend Against “YellowKey” BitLocker Bypass

The Reddit Clone: Meta Secretly Launches “Forum” App to Unbundle Facebook Groups