Getting lots of questions about how to learn more about the incident. We're actively maintaining the...
- 安全事件响应中,删除环境变量或资源≠密钥轮换,必须在第三方服务商处主动使旧密钥失效。
- Vercel已直接联系所有可能受影响客户,并持续更新官方安全公告作为唯一权威信息源。
- 建议用户遵循公告中的安全最佳实践,即使未被直接通知也应主动轮换密钥以防潜在风险。
The bulletin includes security best practices to take out of an abundance of caution. To reiterate, we directly contacted all Vercel" / X
Guillermo Rauch on X: "Getting lots of questions about how to learn more about the incident. We're actively maintaining the security bulletin. That's the source. The bulletin includes security best practices to take out of an abundance of caution. To reiterate, we directly contacted all Vercel" / X
Don’t miss what’s happening
People on X are the first to know.
Post
See new posts
Conversation
Guillermo Rauch 
Getting lots of questions about how to learn more about the incident. We're actively maintaining the security bulletin. That's the source. The bulletin includes security best practices to take out of an abundance of caution. To reiterate, we directly contacted all Vercel customers that we believe to be impacted by the IOC shared in the bulletin. One misconception we've seen that I need to call out. Deletion (e.g.: of an env var, project, account…) does not imply Rotation. Rotating keys means *invalidating* the previous value with the vendor/service you're using, and getting a new one. Do that. i.e.: if you only delete the resource on the Vercel side, the associated key can "live on" with the other provider, and be mis-used
·
2
1
19
2
New to X?
Sign up now to get your own personalized timeline!
Sign up with Apple
By signing up, you agree to the Terms of Service and Privacy Policy, including Cookie Use.
Relevant people
-  Guillermo Rauch  @rauchg Follow Click to Follow rauchg @vercel CEO
Trending now
What’s happening
Trending in United States
Happy Lesbian Visibility Week
Trending in United States
Puff
Sports · Trending
John Lynch
Business and finance · Trending
TBPN
|
|
|
|
|
More
© 2026 X Corp.