- What: Vercel was hacked due to poor OAuth hygiene
- Impact: Unauthorized access to user data and environment variables
⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️ @endingwithali → Twitch: https://twitch.tv/endingwithali Twitter: https://twitter.com/endingwithali YouTube: https://youtube.com/@endingwithali Everywhere else: https://links.ali.dev Want to work with Ali? hak5@endingwithali.com [❗] Join the Patreon→ https://patreon.com/threatwire 0:00 0 - Intro 1 - Vercel Compromise (What is AI Context) 2 - Claude Mythos Evaluations 3 - NIST Gives Up On CVEs 4 - BSides News 5 - Outro LINKS 🔗 Story 1: Vercel Compromise (What is AI Context) https://x.com/mattjay/status/2046222804555608574 https://www.bleepingcomputer.com/news/security/vercel-confirms-breach-as-hackers-claim-to-be-selling-stolen-data/ https://vercel.com/kb/bulletin/vercel-april-2026-security-incident https://context.ai/security-update https://x.com/DiffeKey/status/2045813085408051670 https://thehackernews.com/2026/04/vercel-breach-tied-to-context-ai-hack.html https://x.com/vxunderground/status/2045913185799037263 🔗 Story 2: Claude Mythos Evaluations https://www.aisi.gov.uk/blog/our-evaluation-of-claude-mythos-previews-cyber-capabilities https://openai.com/index/scaling-trusted-access-for-cyber-defe 🔗 Story 3: NIST Gives Up On CVEs https://www.nist.gov/news-events/news/2026/04/nist-updates-nvd-operations-address-record-cve-growth https://nvd.nist.gov/general/nvd-dashboard https://www.nist.gov/itl/executive-order-14028-improving-nations-cybersecurity https://cal.com/blog/cal-diy-open-source-to-closed-source https://cal.com/blog/cal-com-goes-closed-source-why 🔗 Story 5: BSides News https://blog.trailofbits.com/2026/04/17/we-beat-googles-zero-knowledge-proof-of-quantum-cryptanalysis/ https://cyberscoop.com/google-moves-post-quantum-encryption-timeline-to-2029/ https://www.digitaltrends.com/computing/zoom-will-now-check-if-you-are-a-human-or-an-ai-imposter-during-video-meetings/ https://bugbounty.meta.com/en-gb/blog/meta-bug-bounty-x-portswigger/ https://www.helpnetsecurity.com/2026/04/17/google-gemini-harmful-ads-blocking/ -----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆ Our Site → https://www.hak5.org Shop → http://hakshop.myshopify.com/ Community → https://www.hak5.org/community Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1 Support → https://www.patreon.com/threatwire Contact Us → http://www.twitter.com/hak5 ____________________________________________ Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.