The story of the compliance startup Delve remains full of twists and turns.
TechCrunch confirmed that Delve was the compliance company that conducted security certifications for Context AI, the AI agent training startup.
This incident is linked to a data leak at Vercel, the giant hosting platform for applications and websites.
Context AI has confirmed that it had indeed used Delve's services. However, the company has since abandoned Delve and is in the process of obtaining a new certification.
The issues with Delve were already known: previously, an anonymous whistleblower alleged that Delve fabricated customer data. Furthermore, there were attacks on Delve clients, such as LiteLLM, which planted malware in its open-source code.
Finally, a Vercel employee downloaded a Context AI application and connected it to the corporate Vercel account, allowing hackers to access internal systems and customer data.