Business · TechCrunch AI
Another customer of troubled outfit Delve suffered a big security incident
Compiled by KHAO Editorial — aggregated from 1 outlet. See llms.txt for citation guidance.
◌ Single Source
The story of embattled compliance startup Delve keeps hitting twists and turns.
Key facts
- After Context AI was named in the Vercel attack, Gergely Orosz, author of the engineering newsletter The Pragmatic Engineer, said in a post on X that Delve was the company that handled Context AI’s
- Case in point: Lovable was a Delve customer, but after the whistleblower’s allegations came out, the vibe-coding platform said it had ditched the startup back in late 2025
- Context AI has now confirmed to TechCrunch that it did use Delve, but it has since ditched the startup and is getting re-certified
- Yes, Context was previously a Delve customer,” a spokesperson for Context AI told TechCrunch
Summary
TechCrunch has confirmed that Delve was the compliance company that performed the security certifications for Context AI, the AI agent training startup that last week disclosed a security incident which led to a data breach at popular app and website hosting giant Vercel. On the other hand, Lovable, which had its own security incident, is no longer a Delve customer. To recap: Last month, Delve came under fire when an anonymous whistleblower alleged that the startup was faking customer data and using rubber-stamping auditors in its compliance and certifications processes. Soon afterwards, hackers attacked one of Delve’s security certification customers, LiteLLM, and planted malware in its open source code.