So here are some images to summarize what's going on:
- Vercel told the threat actor they won't pay because they're not the real ShinyHunters.
- The real ShinyHunters confirmed to us that they are fake.
- The attackers got in through an engineer named Vojtech Miksu; they shared a screenshot of what seems to be Vercel's Enterprise dashboard.
- Vercel told the threat actor they won't pay because they're not the real ShinyHunters.
- The real ShinyHunters confirmed to us that they are fake.
- The attackers got in through an engineer named Vojtech Miksu; they shared a screenshot of what seems to be Vercel's Enterprise dashboard.
🔥12🤣6❤1😢1
🚨 The NSA has been confirmed to be using Anthropic's Mythos, despite Anthropic sitting on the DoD's blacklist.
Access to Mythos is restricted to just 40 organizations, with Anthropic citing offensive cyber capabilities too dangerous for wider release.
Source: https://www.axios.com/2026/04/19/nsa-anthropic-mythos-pentagon
Access to Mythos is restricted to just 40 organizations, with Anthropic citing offensive cyber capabilities too dangerous for wider release.
Source: https://www.axios.com/2026/04/19/nsa-anthropic-mythos-pentagon
😢13💩7🤬5
🚨 According to sample data we received from the Vercel breach, Vercel's CEO Guillermo Rauch was last seen on March 3, 2026. Who is running the company?
The threat actor told us Vercel's security was poor, and consistent with Vercel's own disclosure, a senior engineer authenticated with a fake third-party AI tool via its Google Workspace OAuth app.
- The breach appears to have started or ended on April 12, 2026
- We were sent records of all employees...
The threat actor told us Vercel's security was poor, and consistent with Vercel's own disclosure, a senior engineer authenticated with a fake third-party AI tool via its Google Workspace OAuth app.
- The breach appears to have started or ended on April 12, 2026
- We were sent records of all employees...
❤7🤣6🔥2
🚨🇫🇷 France's ANTS portal, the government system issuing IDs, passports, and driver's licenses, has been breached.
Up to 19 million French citizens may be affected. ANTS has confirmed the breach.
Exposed fields include full name, email, address, date and place of birth, phone number, and identity verification data. Confirmed by the Ministry of the Interior.
Up to 19 million French citizens may be affected. ANTS has confirmed the breach.
Exposed fields include full name, email, address, date and place of birth, phone number, and identity verification data. Confirmed by the Ministry of the Interior.
🤣12🎉10😁3😭3😍2🔥1
🚨‼️ A Dutch NATO ship escorting France's nuclear flagship carrier Charles de Gaulle was tracked via a cheap Bluetooth tracker, mailed to the vessel inside a greeting card by a Dutch TV station.
The Dutch military postal system missed the device entirely. The Ministry of Defense has now banned greeting cards with batteries.
The Dutch military postal system missed the device entirely. The Ministry of Defense has now banned greeting cards with batteries.
1🤣40❤4
🚨 The Vercel breach traces back to a Context[.]ai gooner employee infected with Lumma infostealer. The malware harvested his Google Workspace credentials, porn and anime site logins, and the in-game username "lecoonjames" (see profile pic below, he changed the username post-infection, I wonder why).
Stolen records included "support@context[.]ai," assessed as a core Context-Inc Vercel team account, likely enabling privilege escalation into Vercel infrastructure.
Stolen records included "support@context[.]ai," assessed as a core Context-Inc Vercel team account, likely enabling privilege escalation into Vercel infrastructure.
🤣28❤2😱1😭1🤪1