Vercel Got Breached, Defender Got Exploited, and Altman Got Molotov'd
Tuesday Briefing: A mid-week blast about the Vercel breach (plus everything else that broke since Friday)
This is an IT Support Group
Vercel got breached via a compromised AI tool, three Defender bugs are under active exploit, and Sam Altman's driveway got Molotov'd. Tuesdays, man.

GM IT pros!
Happy Tuesday! I know, I know: you expected silence from us until Friday. But Vercel dropped a breach disclosure on Sunday and there's enough news piled up since Friday's roundup that I figured we'd do a mid-week briefing. Short-ish, focused, still snarky. Back to the regular Friday chaos in three days.
-Stetson
This Week's Main Event: Vercel Got Popped
The short version of a very long supply-chain story
On Sunday April 19, Vercel confirmed a security incident after a threat actor calling themselves ShinyHunters started hawking internal data on BreachForums. The attack chain is the kind of thing you'd invent in a tabletop exercise and then dismiss as "too contrived to be realistic":
Back in February, a Context.ai employee got popped by Lumma Stealer. Context.ai is an AI meeting-notes tool that a Vercel employee happened to use. The stealer infection gave the attacker a Google Workspace OAuth session for the Context employee. That OAuth session apparently had enough reach to pivot into Vercel's enterprise Google Workspace, where the attacker took over a Vercel employee's account. From there they walked into Vercel's internal environments and grabbed anything that wasn't tagged "sensitive", which, it turns out, included environment variables that weren't marked as secrets and therefore weren't encrypted at rest.
The claimed loot, per the BreachForums post: API keys, NPM tokens, GitHub tokens, partial source code, database records, and 580 Vercel employee HR records. Vercel says no Vercel-published NPM packages were tampered with (confirmed with GitHub, Microsoft, npm, and Socket) and there's no evidence of supply-chain modification. Mandiant is engaged. The "sensitive" env var flag now encrypts at rest. If you host on Vercel, double-check that every secret you care about has it set.
The scary part for the rest of us isn't what Vercel did wrong. It's that every SaaS tool your team connected to Google Workspace via OAuth is now a lateral-movement path into your environment. If Context.ai, a note-taker, was enough to burn down a Vercel employee's Workspace session, your Calendly, your Loom, your random AI meeting bot, and the "just for prototyping" Zapier integration someone installed in 2023 are all worth a look.
Your 4-item Vercel breach checklist
1. Audit third-party OAuth apps in Google Workspace. Admin console → Security → API controls → Third-party app access. Revoke anything nobody uses, restrict broad scopes, and set "Trusted" only for apps you'd actually defend in a post-mortem.
2. If you host on Vercel, verify every secret env var has the 'Sensitive' flag. Project settings → Environment Variables. Anything unchecked is sitting in the clear at rest. Rotate NPM and GitHub tokens stored in Vercel env while you're in there.
3. Pull the IOCs from Vercel's KB bulletin and hunt for them. vercel.com/kb/bulletin/vercel-april-2026-security-incident, updated as Mandiant finds more. If you had a Vercel-maintained dependency in your build, this is your morning reading.
4. Ask yourself: if a stealer hit any of your employees' personal browsers today, how far would that OAuth session travel? This is the actual lesson. Stealer logs → OAuth session hijack → Workspace pivot is now the intrusion template. Conditional access, session length, re-auth requirements. Tighten them.
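The grant audit in item 1 (and the "how far would that session travel?" question in item 4) comes down to knowing which scopes each connected app actually holds. The script below is an added example, not code from this newsletter, from Vercel or from Google: it takes a per-user token export shaped like the Admin SDK Directory API `tokens.list` records (fields `clientId`, `displayText`, `anonymous`, `scopes`) and ranks each grant by how much a hijacked session behind it could reach. The user records, app names and client IDs are constructed placeholders, and the high/medium scope lists are an assumed starting point for triage, not an official risk ranking.

```python
"""Flag over-broad third-party OAuth grants in a Google Workspace token export.

Added example, not from the newsletter. Input records are shaped like the
Admin SDK Directory API `tokens.list` items; all sample data is constructed.
"""
from dataclasses import dataclass, field

# Scopes that give an app broad write access to mail, files, or the directory.
HIGH_RISK_SCOPES = {
    "https://mail.google.com/",
    "https://www.googleapis.com/auth/gmail.modify",
    "https://www.googleapis.com/auth/drive",
    "https://www.googleapis.com/auth/admin.directory.user",
    "https://www.googleapis.com/auth/admin.directory.group",
}
# Read-only scopes that still expose mail, files or calendars.
MEDIUM_RISK_SCOPES = {
    "https://www.googleapis.com/auth/gmail.readonly",
    "https://www.googleapis.com/auth/drive.readonly",
    "https://www.googleapis.com/auth/calendar",
    "https://www.googleapis.com/auth/calendar.readonly",
}
RANK = {"low": 0, "medium": 1, "high": 2}


@dataclass
class Finding:
    user: str
    app: str
    client_id: str
    severity: str
    reasons: list = field(default_factory=list)


def scope_severity(scope: str) -> str:
    """Classify a single OAuth scope string as high, medium or low risk."""
    if scope in HIGH_RISK_SCOPES:
        return "high"
    if scope in MEDIUM_RISK_SCOPES:
        return "medium"
    return "low"


def audit_grants(grants: dict) -> list:
    """Return one Finding per (user, app), highest severity first.

    `grants` maps a user email to that user's list of token records.
    """
    findings = []
    for user, tokens in grants.items():
        for tok in tokens:
            severity, reasons = "low", []
            for scope in tok.get("scopes", []):
                sev = scope_severity(scope)
                if sev != "low":
                    reasons.append(f"{sev}-risk scope {scope}")
                if RANK[sev] > RANK[severity]:
                    severity = sev
            # `anonymous` is set when the client is not a Google-verified app;
            # treat that as at least medium regardless of scopes.
            if tok.get("anonymous"):
                reasons.append("unverified client (anonymous=true)")
                severity = max(severity, "medium", key=RANK.get)
            findings.append(Finding(user, tok.get("displayText", "<unknown>"),
                                    tok["clientId"], severity, reasons))
    findings.sort(key=lambda f: (-RANK[f.severity], f.user, f.app))
    return findings


def summarize(findings: list) -> dict:
    """Count findings per severity level."""
    counts = {"high": 0, "medium": 0, "low": 0}
    for f in findings:
        counts[f.severity] += 1
    return counts


# Constructed sample export: three users, four grants, placeholder client IDs.
SAMPLE_GRANTS = {
    "alice@example.com": [
        {"clientId": "111-notes.apps.googleusercontent.com",
         "displayText": "Meeting Notes Bot (hypothetical)", "anonymous": False,
         "scopes": ["https://www.googleapis.com/auth/calendar.readonly",
                    "https://www.googleapis.com/auth/drive",
                    "https://www.googleapis.com/auth/gmail.readonly"]},
        {"clientId": "222-sso.apps.googleusercontent.com",
         "displayText": "SSO Login Only", "anonymous": False,
         "scopes": ["openid", "email", "profile"]},
    ],
    "bob@example.com": [
        {"clientId": "333-zap.apps.googleusercontent.com",
         "displayText": "Prototype Automation", "anonymous": True,
         "scopes": ["https://mail.google.com/"]},
    ],
    "carol@example.com": [
        {"clientId": "444-cal.apps.googleusercontent.com",
         "displayText": "Scheduling Link", "anonymous": False,
         "scopes": ["https://www.googleapis.com/auth/calendar"]},
    ],
}

if __name__ == "__main__":
    results = audit_grants(SAMPLE_GRANTS)
    for f in results:
        print(f"[{f.severity.upper():6}] {f.user} -> {f.app}: "
              f"{'; '.join(f.reasons) or 'nothing notable'}")
    print(summarize(results))
```

Run against a real export, the high bucket is your revoke-or-justify list and the medium bucket is where the re-auth and session-length questions from item 4 belong; an app that only holds `openid`/`email`/`profile` is not a pivot path even if its session is stolen.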
More reading: BleepingComputer · TechCrunch · Trend Micro OAuth supply-chain writeup
Tech News TL;DR
Everything else that happened between Friday and now
CYBER-SECURITY NIGHTMARES
Because sleep is overrated anyway...
Three Microsoft Defender bugs under active exploit
Huntress is warning that attackers are chaining three newly disclosed Defender vulns, cheekily codenamed BlueHammer, RedSun, and UnDefend, to escalate privileges on compromised hosts. Yes, the thing that's supposed to catch them is the thing letting them in.
Apache ActiveMQ CVE-2026-34197 added to CISA KEV
CVSS 8.8, actively exploited, federal patch deadline is April 30. If you run ActiveMQ Classic anywhere in your environment, your calendar now has a very specific 10-day reminder.
Cisco drops four critical patches across Identity Services and Webex
Two get you arbitrary code execution, two let an attacker impersonate any user in the service. The "log in as literally anyone" era of pentesting, brought to you by your favorite collab stack.
Apple change-notification emails abused for phishing
Attackers are gaming Apple's account-change notification system to inject fake iPhone-purchase scams into emails that actually originate from Apple's servers. The sender header is legit. The content is not. Train users accordingly.
CLOUD CHAOS
Where your data goes to party without you
AWS Interconnect Multicloud goes GA, with Google first
Layer 3 private connections between AWS VPCs and other cloud providers. Google Cloud is available now; Azure and OCI are coming later in 2026. The multicloud-is-a-pipe-dream era is quietly ending.
AWS ships EKS Auto Mode and Bedrock per-IAM-principal cost attribution
EKS Auto Mode handles VPC CNI, load balancers, and DNS for you; Bedrock now tells you exactly which IAM role just spent $3,200 on Claude calls. Finally, finance can name the guilty.
EBS Volume Clones are now a thing
Instant point-in-time EBS copies that are usable immediately, no waiting for the block-by-block crawl. Your staging environment just got 20× easier to refresh.
VMware sales blacked out April 30 through May 1
Broadcom is migrating VMware's internal ERP from SAP to Oracle, and as a result nobody can buy, renew, or manage VMware licenses for roughly 24 hours. If your renewal falls in that window, file now.
BUSINESS SHENANIGANS
Corporate chaos you need to know about
Anthropic's ARR hits $30B, passes OpenAI
Anthropic's annualized revenue crossed $30 billion, topping OpenAI's $25 billion ARR for the first time. The "two-horse race" now has a new leader. For the moment.
Broadcom signs expanded chip deals with Google and Anthropic
Broadcom will produce future Google AI chips and Anthropic gets access to 3.5 gigawatts of Google-silicon compute. Translation: Nvidia is no longer the only serious option, and the hyperscalers are rewriting their supply chains in real time.
Layoff wrap: UKG, Productboard, Taboola
UKG cut 950 (hello, South Florida), Productboard dropped 30% of the company, Taboola shed 5%. All within a week of each other. Q1's "bloodbath" is quietly extending into Q2.
95,878 tech jobs cut so far in 2026
Crunchbase's 2026 tracker puts the total at 249 separate layoff events and 95,878 people impacted year-to-date, averaging 864 people per day. If you're one of them and hunting, the board is at jobs.thisisanitsupportgroup.com.
AI TAKING OVER
Our future robot overlords are getting smarter
GPT-5.4, Gemini 3.1 Ultra, and Grok 4.20 all shipped in April
Three frontier models in three weeks. GPT-5.4 has Standard/Thinking/Pro variants, Gemini 3.1 Ultra does native multimodal reasoning, Grok 4.20 leans harder on real-time web. Every one of them is pitching "agentic." You've been warned.
Google Cloud Next 2026 teases Gemini as orchestration layer
Google is quietly repositioning Gemini from "chatbot" to agent runtime, governance layer, and connection point to enterprise systems of record. The real Next-2026 story isn't a bigger model; it's the control plane.
Sam Altman's SF home targeted with a Molotov cocktail
Prosecutors say a man threw a lit Molotov at Altman's driveway gate; the SF DA called it a hate crime motivated by hostility toward AI. The AI-CEO personal-security budget line item just got real.
Claude Sonnet 4.6 takes top spot on GDPval-AA benchmark
1,633 Elo, 1M-token context window, billed as best-in-class for agent workflows and content pipelines. Your automation stack's favorite model may have changed again since last month.
MISC TECH MADNESS
The weird stuff that doesn't fit anywhere else
NIST cuts back on CVE enrichment
Facing an explosion of CVE submissions, NIST announced it'll only enrich NVD entries that meet specific criteria. Translation: fewer CVSS scores, less CPE data, and if you rely on NVD for automation, you need a backup plan.
Still haven't started on Linux? (Shameless Plug Dept.)
If the Vercel breach reminded you that "everything runs on Linux under the hood" and you're still Windows-only, Shell Samurai is the hands-on practice tool I built to get you from zero to actually-comfortable. No VM, no cloud credit card, just a browser. shellsamurai.com. Shameless plug, zero regrets.
That's the Tuesday briefing. Audit your OAuth apps, patch your Defender, reschedule your VMware renewal, and maybe don't throw Molotov cocktails at people. Back to the regular snark-filled roundup on Friday.
Stay paranoid. Stay patched. See you next Friday.
-Stetson

