IT News

Users can now secure their accounts using Two-Factor Authentication (2FA) with Time-based One-Time Passwords (TOTP), commonly provided by authenticator apps like Google Authenticator or Authy. Your cu

In the process of remediating , we looked at other possible exploits of Middleware. We independently verified this in parallel with two reports from independent researchers.CVE-2025-29927low severity

Composable commerce projects frequently become overly complex, leading to missed objectives and unnecessary costs. At Vercel, we take a no-nonsense approach to composable commerce that's solely focuse

Verified webhook providers—including Stripe and PayPal—are now automatically allowed in Attack Challenge Mode, ensuring uninterrupted payment processing. Well-behaved bots from major search engines, s

Vercel now caches dependencies for projects using Yarn 2 and newer, reducing install times and improving build performance. Previously, caching was only supported for npm, pnpm, Bun, and Yarn 1. To di

The 3.2 release adds support for in , making it easier to experiment on marketing pages while keeping them fast and avoiding layout shift. Flags SDKprecomputed feature flagsSvelteKit Precomputed fla

Last week, we published and patched a critical severity vulnerability in Next.js. Here’s our post-incident analysis and next steps.CVE-2025-29927 Read more

Custom Reporting for is now available in beta for Pro and Enterprise users. Slice your AI spend by any dimension: model, provider, user, custom tags, or credential type. A single place for all your A

A security vulnerability in Next.js was , which allows malicious actors to bypass authorization in Middleware when targeting the header.responsibly disclosedx-middleware-subrequest . We still recomme

The is an open-source toolkit for building AI applications with JavaScript and TypeScript. Its unified provider API allows you to use any language model and enables powerful UI integrations into lead