Cloud Security
Vercel Edge Functions supply chain risks in 2026
Edge Functions, middleware, and Edge Config combine npm trust, build-step trust, and a secret surface that runs at every request. Here is the 2026 control set.
May 13, 20267 min read
Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.
Edge Functions, middleware, and Edge Config combine npm trust, build-step trust, and a secret surface that runs at every request. Here is the 2026 control set.
An infostealer infection at AI startup Context.ai let attackers reuse a Vercel employee's months-old Google Workspace OAuth grant to bypass MFA and exfiltrate customer environment variables. Disclosed April 2026, the fallout deepened through May.
Weekly insights on software supply chain security, delivered to your inbox.