Learning from the Vercel Breach: A Secrets Security Playbook

On April 19, 2026, Vercel experienced a security breach that highlighted vulnerabilities in platform engineering teams' infrastructure due to an attack chain involving unauthorized access to internal systems through a compromised third-party AI tool. The breach, which originated from a Google Workspace OAuth app, exposed structural weaknesses present in many tech stacks and underscored the importance of robust secrets management. The incident prompted Vercel to issue a public bulletin, engage Mandiant, notify affected customers, and strengthen product security. The breach serves as a case study for improving secrets security, with recommendations to centralize secrets management, eliminate long-lived credentials, remove .env files, utilize dynamic secrets, and maintain rigorous audit logging. Infisical is presented as a solution, offering a comprehensive playbook to safeguard against similar attacks by ensuring secrets are managed securely and dynamically, thus reducing the risk of exposure and enabling quicker response to potential threats.