🚨 BREAKING: Vercel has been breached. A threat actor has listed their customers' data, source code, databases, and keys up for sale.

Vercel has also publicly disclosed they've identified a security incident involving unauthorized access to their internal systems.

Vercel is recommending customers to rotate keys.

See: https://vercel.com/kb/bulletin/vercel-april-2026-security-incident

Developing story: https://x.com/IntCyberDigest/status/2045887361746133159?s=20

So here are some images to summarize what's going on:

- Vercel told the threat actor they won't pay because they're not the real ShinyHunters.
- The real ShinyHunters confirmed to us that they are fake.
- The attackers got in through an engineer named Vojtech Miksu; they shared a screenshot of what seems to be Vercel's Enterprise dashboard.

🚨 The NSA has been confirmed to be using Anthropic's Mythos, despite Anthropic sitting on the DoD's blacklist.

Access to Mythos is restricted to just 40 organizations, with Anthropic citing offensive cyber capabilities too dangerous for wider release.

Source: https://www.axios.com/2026/04/19/nsa-anthropic-mythos-pentagon

🚨 According to sample data we received from the Vercel breach, Vercel's CEO Guillermo Rauch was last seen on March 3, 2026. Who is running the company?

The threat actor told us Vercel's security was poor, and consistent with Vercel's own disclosure, a senior engineer authenticated with a fake third-party AI tool via its Google Workspace OAuth app.

- The breach appears to have started or ended on April 12, 2026
- We were sent records of all employees...

🚨🇫🇷 France's ANTS portal, the government system issuing IDs, passports, and driver's licenses, has been breached.

Up to 19 million French citizens may be affected. ANTS has confirmed the breach.

Exposed fields include full name, email, address, date and place of birth, phone number, and identity verification data. Confirmed by the Ministry of the Interior.